The two more popular solutions these days have already been mentioned:
Devise and Omniauth. They both can integrate with each other, by the
Devise is an authentication system that is very easy to set up and get
running, but my experience with it was that it’s much harder to
customize than, for example, AuthLogic (which is what I’m using these
days, there’s a Rails 3 branch for it over at github that works
Omniauth, by contrast, allows users to login through other systems.
If your app is public-facing, this may be a really good feature to
offer. Say your users have Twitter or Facebook accounts - if you set
it up right, you can let them login through Twitter, Facebook, Google
Apps, etc. with a single click (usually, assuming they’re already
logged in on the third provider of choice).
AuthLogic is another solution that has kind of “fallen by the wayside”
so to speak in terms of popularity. It was really popular back in the
Rails 2.3.x days, but with the release of Rails 3, hasn’t officially
caught up to being compatible with Rails 3 out of the box. However,
as is the nature of open source, some other folks have worked on it to
make it compatible with Rails 3, and as mentioned above, there’s a
specific branch for that over on github that I’m using in a rails
3.0.7 app right now, and it works great.
My personal OPINION (and that’s all it is, an opinion) is that I
happen to like AuthLogic a lot more, because it’s less of a full
solution, and more of a “framework” for authentication, whereas Devise
is more a full stack solution out of the box. Ergo, Devise tends to
be much harder to customize than AuthLogic, because using AuthLogic at
all requires you to put it into your specific controllers the way you
want. It’s not that you CAN’T customize Devise - you can, and there
are several wiki posts about it (note: when I last looked at it, much
of that documentation looked outdated and incompatible with the
current release, but they could have corrected it by now - your
mileage may vary) - but I personally find AuthLogic to be much easier
to use overall, because I generally have some specific things I want
to do with authentication and signups that are more difficult to pull
off in Devise.
Good luck to you!