Best of luck getting this to work - I don't think the two mechanisms
are directly compatible. It may actually be *less* painful to set up
something like RubyCAS to do the signon.
BTW: 1.2.3 has a number of known security holes, including some issues
with possible session fixation attacks. You may want to at least try
to upgrade to a higher version in the 1.2.x series.