Clarify InvokeHandlersAfterFailure (#36501)

src/Security/Authorization/Core/src/AuthorizationHandlerContext.cs

@@ -67,7 +67,7 @@ namespace Microsoft.AspNetCore.Authorization
             => (IEnumerable<AuthorizationFailureReason>?)_failedReasons ?? Array.Empty<AuthorizationFailureReason>();
 
         /// <summary>
-        /// Flag indicating whether the current authorization processing has failed.
+        /// Flag indicating whether the current authorization processing has failed due to Fail being called.
         /// </summary>
         public virtual bool HasFailed { get { return _failCalled; } }
 

src/Security/Authorization/Core/src/AuthorizationOptions.cs

@@ -14,7 +14,7 @@ namespace Microsoft.AspNetCore.Authorization
         private Dictionary<string, AuthorizationPolicy> PolicyMap { get; } = new Dictionary<string, AuthorizationPolicy>(StringComparer.OrdinalIgnoreCase);
 
         /// <summary>
-        /// Determines whether authentication handlers should be invoked after a failure.
+        /// Determines whether authentication handlers should be invoked after <see cref="AuthorizationHandlerContext.HasFailed"/>.
         /// Defaults to true.
         /// </summary>
         public bool InvokeHandlersAfterFailure { get; set; } = true;