d7Situation: I have OpenID 3.1.4 installed, I'm logged in as an admin user, and I have my the blog's own URL as my user site.
When I comment on my own blog, logged in, my blog asks me to authorise itself through OpenID in order to comment. To be clear:
1. I'm logged in to d7.pipemaze.com as an admin user.
2. I leave a comment.
3. d7.pipemaze.com asks me if I want to permit d7.pipemaze.com to reveal my identity to d7.pipemaze.com
4. I told it yes because it refused to let me comment otherwise.
Now when I comment, the comment goes through the OpenID authorization redirect.
The workaround is to remove "http://d7.pipemaze.com/" from my user profile's website field. When I leave that blank the built-in WP user authentication works fine without OpenID hijacking it.
I don't know whether versions earlier to 3.1.4 did this since I couldn't get them to serve an OpenID at all.
