`SecurityExpressionRoot#hasAuthority` should delegate to `AuthorizationManagerFactory#hasAuthority(String)`

[thuri]

Expected Behavior

The hasAuthority method of a provided custom AuthorizationManagerFactory should be called when using @PreAuthorize("hasAuthority('foobar')" on a method.

Current Behavior

the hasAnyAuthority method of AuthorizationManagerFactory is called by SecurityExpressionRoot f@PreAuthorize("hasAuthority('foobar')"

Context

I added a Custom AuthorizationManagerFactory as described here.

But instead of handling hasRole as in the example i tried to override hasAuthority. But my method wasn't called.

Using the debugger I found out that SecurityExpressionRoot is actually calling hasAnyAuthority on the AuthorizationManagerFactory.