diff --git a/webflux/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java b/webflux/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java
index cfe3427290..d1c1c5e8f5 100644
--- a/webflux/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java
+++ b/webflux/src/main/java/org/springframework/security/web/server/authorization/DelegatingReactiveAuthorizationManager.java
@@ -45,8 +45,12 @@ public class DelegatingReactiveAuthorizationManager implements ReactiveAuthoriza
 public Mono check(Mono authentication, ServerWebExchange exchange) {
 return Flux.fromIterable(mappings)
 .concatMap(mapping -> mapping.getMatcher().matches(exchange)
- .filter(ServerWebExchangeMatcher.MatchResult::isMatch)
- .flatMap(r -> mapping.getEntry().check(authentication, new AuthorizationContext(exchange, r.getVariables())))
+ .filter(ServerWebExchangeMatcher.MatchResult::isMatch)
+ .map(r -> r.getVariables())
+ .flatMap(variables -> mapping.getEntry()
+ .check(authentication, new AuthorizationContext(exchange, variables))
+ )
+ )
 .next()
 .defaultIfEmpty(new AuthorizationDecision(false));
 }
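Review bot: The `.flatMap` that calls `mapping.getEntry().check(...)` lets an empty result from a matched mapping fall through to the next mapping, because `concatMap` followed by `.next()` takes the first emitted decision rather than the first matching rule. If a delegate manager completes without emitting (for example when it derives its decision from an empty `authentication` Mono; this is an inference, since no delegate is visible in this hunk), a later, broader rule could decide the request instead of the specific one. If first-match-wins is the intended contract, pin it inside the flatMap: `.check(authentication, new AuthorizationContext(exchange, variables)).defaultIfEmpty(new AuthorizationDecision(false))`. Otherwise a short Javadoc line on `check` stating that delegates must always emit a decision would make the requirement explicit.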