Luke Taylor (Migrated from SEC-1635) said:
The AfterInvocationManager is intended to perform filtering or make an access decision after an invocation has taken place.
If the invocation raises an exception, then there is no returned object or collection to filter/modify and ability to make an access-decision is likely to be complicated by the lack of those objects (see SEC-1525, for example). Since an exception generally means that the invocation has failed, it's also unlikely that an access-decision is required at that point anyway. Any stateful changes should be rolled back by a transaction manager.
Luke Taylor said:
Updated the security interceptor implementations to remove the finally block in which the AfterInvocationManager is called.
This issue relates to https://jira.spring.io/browse/SEC-1967
This issue supersedes #1766