Ok, why would the access control filter allow you to redirect to an action with no GET parameters set in the redirect, but deny permission when you redirect with parameters?
For example, this redirect is allowed:
$this->redirect(array('/listings/newListing'));
This redirect generates a "You are not authorized to perform this action" exception:
$this->redirect(array('/listings/newListing','address'=>$address,'newListingType'=>$type));
Why?
Do you have any URL rules that could be sending the requests to different actions based on the parameters?
Check that the URL you’re directed to is the one you’re expecting in both cases.
The URL reported by Firebug is correct. Only difference between the two is the variables appended to the query string.
I guess that the actionNewListing does not checking if that is a GET request and then throws an exception, so check if you have a filter "postOnly"