The AfterInvocationManager is intended to perform filtering or make an access decision after an invocation has taken place.
If the invocation raises an exception, then there is no returned object or collection to filter/modify and ability to make an access-decision is likely to be complicated by the lack of those objects (see
SEC-1525, for example). Since an exception generally means that the invocation has failed, it's also unlikely that an access-decision is required at that point anyway. Any stateful changes should be rolled back by a transaction manager.