Two possible ideas:
a) Put begin/rescue around the call to authenticate in the controller; if exception is thrown, reload page with error message.
b) Change authenticate to return nil intead of throwing; then just check if you got a user back in your controller.
By the way, rails only shows stack traces in development mode. In production the user would just get a 500 page... still not what you want, but you don't have to worry about stack traces being shown to the world.