I have options configured as so:
options.LoginPath = new PathString("/Account/Login");
options.LogoutPath = new PathString("/Account/Logout");
options.AccessDeniedPath = new PathString("/Account/AccessDenied");
In a controller action I return return new HttpUnauthorizedResult(); and the middleware appears to redirect to the login page even though the current user is already authenticated. I've tried returning a 403 status code as mentioned here https://github.com/aspnet/Announcements/issues/40 but this also does not display the AccessDeniedPath configured in options. So the question is, how do I get the AccessDeniedPath to be used after returning an unauthroized result from an action method when the user is already authenticated?