I need to create a plugin much like Authlogic (or even just add on to Authlogic), but due to requirements beyond my control I need my plugin to authenticate using SOAP.

Basically the plugin would require that anyone accessing the controller (before_filter would be fine) would have to authenticate first. I have ZERO control over the login page, or the SOAP server, I am simply a client attempting to authenticate to the providers SOAP Web Service.

Here is what happens..

1. before_filter realizes that no session[:credential] is set, and forwards the user to the url on the providers servers.

2. The user enters their credentials, and once authenticated, the web service forwards the user to a URL that has been entered by their sysadmins, attaching a token to the url on its way back.

3. I need to take that token, append it to some parameters stored in a local YAML file, and make the SOAP call to the providers server.

4. If all goes as planned, I need to set session[:credential] to the result of the SOAP call, and forward the user to the root page.

5. Subsequent calls to the before_filter will not make the SOAP call, because session[:credential] is set.

Ideally I think this would be awesome to slap on top of Authlogic, but I'm not sure how to do this, So I started to create my own acts_as_soap_authentic plugin, which isn't causing errors, but doesn't do anything..

Anyone have any pointers, or tips as to how I can get the ball rolling here? It seems simple, but is proving not to be..