1 files changed, 15 insertions, 3 deletions

diff --git a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
index 82b1f63..d182684 100644
--- a/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
+++ b/src/DotNetOpenAuth/OpenId/RelyingParty/OpenIdRelyingPartyControlBase.cs
@@ -481,6 +481,16 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 		}
 
 		/// <summary>
+		/// Gets a value indicating whether this control is a child control of a composite OpenID control.
+		/// </summary>
+		/// <value>
+		/// 	<c>true</c> if this instance is embedded in parent OpenID control; otherwise, <c>false</c>.
+		/// </value>
+		protected bool IsEmbeddedInParentOpenIdControl {
+			get { return this.ParentControls.OfType<OpenIdRelyingPartyControlBase>().Any(); }
+		}
+
+		/// <summary>
 		/// Clears any cookie set by this control to help the user on a returning visit next time.
 		/// </summary>
 		public static void LogOff() {
@@ -607,10 +617,12 @@ namespace DotNetOpenAuth.OpenId.RelyingParty {
 				return; // don't do any more processing on it now
 			}
 
-			// Only sniff for an OpenID response if it is targeted at this control.  Note that
-			// Stateless mode causes no receiver to be indicated.
+			// Only sniff for an OpenID response if it is targeted at this control.
+			// Note that Stateless mode causes no receiver to be indicated, and
+			// we want to handle that, but only if there isn't a parent control that
+			// will be handling that.
 			string receiver = this.Page.Request.QueryString[ReturnToReceivingControlId] ?? this.Page.Request.Form[ReturnToReceivingControlId];
-			if (receiver == null || receiver == this.ClientID) {
+			if (receiver == this.ClientID || (receiver == null && !this.IsEmbeddedInParentOpenIdControl)) {
 				var response = this.RelyingParty.GetResponse();
 				Logger.Controls.DebugFormat(
 					"The {0} control checked for an authentication response and found: {1}",