dotnetopenauth Realm protocol exception

Using dotnetopenauth, my code worked fine when using openId.CreateRequest(openIdIdentifier). The return url was /default.aspx which i didnt want so to specify the return_to param i had to fill in realm. The desc of the 2nd param is

    //   realm:
    //     The shorest URL that describes this relying party web site's address.  For
    //     example, if your login page is found at https://www.example.com/login.aspx,
    //     your realm would typically be https://www.example.com/.

So logically the correct code is

var request = openId.CreateRequest(openIdIdentifier, new Uri("http://localdev.com:8844/"), new Uri("http://localdev.com:8844/login"));

However i get this ProtocolException

The openid.return_to parameter (http://localdev.com:8844/login?dnoa.userSuppliedIdentifier=http://myid.myopenid.com/) does not match the actual URL (http://localdev.com:8844/Default.aspx?dnoa.userSuppliedIdentifier=http://myid.myopenid.com/&openid.assoc_handle=...) the requ开发者_如何学Goest was made with.

WTF

How do i return to /login without an exception? and bonus points if you can tell me how to have it use POST instead of GET

I assume you get this error after the OpenID Provider appears on the browser, and during the redirect back to the RP, is that right?

It looks like the Provider you're testing with is sending the browser to the wrong URL. But since it's very unlikely for a Provider to manufacture "default.aspx" out of nowhere, we need to look at the logs to find out exactly what's going on.

You can obtain logs locally by following these instructions. or by trying to log into your own RP site with this OpenID identifier: http://test-id.org/RP/POSTAssertion.aspx This is a diagnostic identifier that will produce log messages at http://test-id.org/TracePage.aspx. Either way you collect them, please add the relevant logs to your question so we can better analyze what's going on.

I was having similar issue today, though I'm using pure MVC3. At least with MVC, there is no need to send returnUrl over with CreateRequest(), it seems to be enough just pass returnUrl as parameter when posting form to your login handler, something like this:

View:

<form action="/Login/LogOn?returnUrl=@returnUrl" method="post">

Controller:

[ValidateInput(false)]
public ActionResult LogOn(string returnUrl)
{...}

Interestingly, returnUrl variable is then still available, even during second pass thru this method during OpenID authentication, when RelyingParty.GetResponse() is no longer null.