It's been on my wishlist for over a decade.
Now we have a solution for one common application architecture: SDS (SQL Directory Service) is released as 1.0.0.
If a 3-tier web app uses a Web 2.0+ client (Capable of using DOJO 1.8), an OSGi container (like Apache Karaf) and a SQL database, SDS provides a stand-alone user (and groups) database and a web interface or maintaining users and groups, which can be used by applications easily facilitating our DomainPasswordLoginService concept.
SDS_ prefix for it's tables' names allows it to co-exist with the application's tables in a single database.
Together with the multi-auth-backend dispatcher org.clazzes.login.broker it is just as easy to combine sources of authentication: Normal end users might authenticate against LDAP backends like ADS, while other programs (like cronjobs updating a web site) may authenticate towards the SDS tables which may be easier to manage by the application's managers and do not eat up resources and licenses in the ADS infrastructure.