BlackWhiteLogin is a role based security plugin for Rails. It provides 4 blacklist and 4 whitelist methods that combine to implement paranoid or permissive security schemes. BlackWhiteLogin imposes very little and allows custom handling of events.
There are no reported vulnerabilities