the warden block in devise initializer defines an array of strategies in warden config,
require 'devise/strategies/remote_authenticable'
config.warden do |manager|
manager.strategies.add(:remote, Devise::Strategies::RemoteAuthenticatable)
manager.default_strategies(:scope => :user).unshift :remote
end
however the :remote strategy is listed as first...
# warden.config[:default_strategies][:user] => [:remote, :rememberable, :database_authenticatable]
so I modified the #createaction in my users/sessions_controller, to move :remote to the end of the list
# POST /resource/sign_in
def create
warden.config[:default_strategies][:user].push(warden.config[:default_strategies][:user].shift)
self.resource = warden.authenticate!(auth_options)
now, user authentication starts wit Devise ( :rememberable, :database_authenticable) and if it fails , then authentication on the remote server is tried with :remote_authenticable