To provide unified authentication across web (and conceivably other) applications, we want Kerberos.

• Kerberos server
• web host talking to it
• Apache + mod_auth_kerb (or else mod_auth_pam)
• procedure for a developer to set new Kerberos password
• developers: set password to gain wiki edit access!

?tls and schmonz have satisfactorily Kerberized monitor. done