I've seen lots of questions and confusion (and was a little lost myself for a bit) on the fixes in SharePoint 2010 SP1 + June CU to enable use of the WHR parameter. This does in fact work now but requires a couple of things:
The SPTrustedIdentityTokenIssuer has a property called UseWHomeRealmParameter now; that must be set to true in order for SharePoint to pass the WHR parameter along to the IdP. Here's a short powershell snippet that I used to do this:
$ap = get-sptrustedidentitytokenissuer -identity "ADFS with Roles"$ap.UseWHomeRealmParameter = $true$ap.Update()
Pretty simple - now SharePoint will send along any WHR parameter that it finds.
In my case I wrote an HttpModule to append the WHR parameter. Specifically here is how I did it:
That was it. I tested this using an InPrivate browser session in IE because it won't use the authentication cookies that could otherwise throw off the test results. So far all tests have worked just as hoped - I've also verified in Fiddler that the WHR parameter is now flowing over to ADFS (in my case) as desired. I've attached the source code for my simple litte project to this posting to help get you started.