Ok, why would the access control filter allow you to redirect to an action with no GET parameters set in the redirect, but deny permission when you redirect with parameters?
For example, this redirect is allowed:
$this->redirect(array('/listings/newListing'));
This redirect generates a "You are not authorized to perform this action" exception: