I have a similar situation, but not with a users model.
The way I handled this is using PostgreSQL and multiple schemas, then
one application owns the table, and the other just has a view of it.
This way you keep your DB implementation of this solution transparent
to Rails (Rails will treat a view called 'users' just like a table
called 'users'.
So your DB would look like this:
ProductionDatabase
Schemas
App1
Views
Users (select * from app2.users)
App2
Tables
Users
Now to make that work, you would need on insert and on delete and on
update rules on your users view obviously.
The other (and probably) more rails way to do it would be to set up a
third authentication application and expose the users table with
ActiveResource. That way you could then plug as many apps into it as
you want.
The third way I would look into is setting up an LDAP server and
authenticating from both apps against that.
Anyway, hope that helps.
--
http://lindsaar.net/
Rails, RSpec and Life blog....
Cool :)