diff --git a/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java b/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java
index f8f6707b6e..4d967f1e44 100644
--- a/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java
+++ b/core/src/main/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactory.java
@@ -254,7 +254,8 @@ public final class AuthorizationAdvisorProxyFactory
 /**
 * The default {@link TargetVisitor}, which will proxy {@link Class} instances as
 * well as instances contained in reactive types (if reactor is present),
- * collection types, and other container types like {@link Optional}
+ * collection types, and other container types like {@link Optional} and
+ * {@link Supplier}
 */
 static TargetVisitor defaults() {
 return AuthorizationAdvisorProxyFactory.DEFAULT_VISITOR;
@@ -351,6 +352,9 @@ public final class AuthorizationAdvisorProxyFactory
 if (target instanceof Optional optional) {
 return proxyOptional(proxyFactory, optional);
 }
+ if (target instanceof Supplier supplier) {
+ return proxySupplier(proxyFactory, supplier);
+ }
 return null;
 }
@@ -483,6 +487,10 @@ public final class AuthorizationAdvisorProxyFactory
 return optional.map(proxyFactory::proxy);
 }
+ private Supplier proxySupplier(AuthorizationProxyFactory proxyFactory, Supplier supplier) {
+ return () -> proxyFactory.proxy(supplier.get());
+ }
+
 }
 private static class ReactiveTypeVisitor implements TargetVisitor {
diff --git a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java
index 432489175c..ef3451c60f 100644
--- a/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java
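Review bot: The new `target instanceof Supplier` branch matches every object whose class implements `Supplier`, not only bare lambdas, and `proxySupplier` (added in the later hunk of this file) swaps it for a new lambda. If an application class with `@PreAuthorize`-annotated methods also implements `Supplier`, the caller presumably receives an object that is no longer of that class, so its other secured methods are not reachable through the result; how the visitor's return value is consumed is outside the hunk, so this should be confirmed. Either narrow the match or state the limitation above the branch, e.g. `// Any Supplier implementation is replaced by a plain Supplier wrapper; its other methods are not proxied`. The enclosing visit method starts outside the hunk.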
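Review bot: `proxySupplier` carries no comment saying that proxying is deferred: nothing is wrapped until `get()` is called, and each call invokes the delegate again and passes the result to `proxyFactory.proxy(...)`, so repeated `get()` calls presumably return different proxy instances. A `null` returned by `supplier.get()` is handed straight to `proxyFactory.proxy(...)`; whether that method tolerates `null` is not visible here and is worth stating. Suggested comment above the method: `// Lazily proxies the supplied value on every get(); the delegate is re-invoked each time`.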
+++ b/core/src/test/java/org/springframework/security/authorization/AuthorizationAdvisorProxyFactoryTests.java
@@ -31,6 +31,7 @@ import java.util.SortedMap;
 import java.util.SortedSet;
 import java.util.TreeMap;
 import java.util.TreeSet;
+import java.util.function.Supplier;
 import java.util.stream.Stream;
 import org.jetbrains.annotations.NotNull;
@@ -242,6 +243,17 @@ public class AuthorizationAdvisorProxyFactoryTests {
 SecurityContextHolder.clearContext();
 }
+ @Test
+ public void proxyWhenPreAuthorizeForSupplierThenHonors() {
+ SecurityContextHolder.getContext().setAuthentication(this.user);
+ AuthorizationAdvisorProxyFactory factory = AuthorizationAdvisorProxyFactory.withDefaults();
+ Supplier flights = () -> this.flight;
+ assertThat(flights.get().getAltitude()).isEqualTo(35000d);
+ Supplier secured = proxy(factory, flights);
+ assertThatExceptionOfType(AccessDeniedException.class).isThrownBy(() -> secured.get().getAltitude());
+ SecurityContextHolder.clearContext();
+ }
+
 @Test
 public void proxyWhenPreAuthorizeForStreamThenHonors() {
 SecurityContextHolder.getContext().setAuthentication(this.user);
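Review bot: `SecurityContextHolder.clearContext()` is the last statement of `proxyWhenPreAuthorizeForSupplierThenHonors`, so it is skipped when either assertion above it fails, leaving the authentication set from `this.user` on the thread for whichever test runs next. The neighbouring tests visible in this hunk follow the same pattern, so this is a style point for the class rather than for this test alone. If the class has no teardown already (not visible here), a shared `@AfterEach void clearContext() { SecurityContextHolder.clearContext(); }` would make the cleanup unconditional. The test also exercises only a supplier that returns a non-null value; a case with a supplier returning `null` would pin down that path through `proxySupplier`.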