diff --git a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/AuthorizationProxyWebConfiguration.java b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/AuthorizationProxyWebConfiguration.java
index be26ed3713..af7986762b 100644
--- a/config/src/main/java/org/springframework/security/config/annotation/method/configuration/AuthorizationProxyWebConfiguration.java
+++ b/config/src/main/java/org/springframework/security/config/annotation/method/configuration/AuthorizationProxyWebConfiguration.java
@@ -26,6 +26,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.annotation.Role;
+import org.springframework.core.Ordered;
 import org.springframework.http.HttpEntity;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.AccessDeniedException;
@@ -58,7 +59,9 @@ class AuthorizationProxyWebConfiguration implements WebMvcConfigurer {
 		resolvers.add(new AccessDeniedExceptionResolver());
 	}
 
-	static class WebTargetVisitor implements AuthorizationAdvisorProxyFactory.TargetVisitor {
+	static class WebTargetVisitor implements AuthorizationAdvisorProxyFactory.TargetVisitor, Ordered {
+
+		private static final int DEFAULT_ORDER = 100;
 
 		@Override
 		public Object visit(AuthorizationAdvisorProxyFactory proxyFactory, Object target) {
@@ -81,6 +84,11 @@ class AuthorizationProxyWebConfiguration implements WebMvcConfigurer {
 			return null;
 		}
 
+		@Override
+		public int getOrder() {
+			return DEFAULT_ORDER;
+		}
+
 	}
 
 	static class AccessDeniedExceptionResolver implements HandlerExceptionResolver {