Note that LDAP will provide shared credentials but not single sign-on. It's not broadly used and is not thoroughly maintained. Basically, we need someone with a practical use case and some coding experience to provide feedback and possibly help us maintain it.
Shibboleth was a third-party contribution and we don't have a test environment here to validate it. It may also need some dusting off. But as you've noted, I don't think it's comprehensive enough in its scope to include all users, e.g. editorial back-end accounts.
Both are documented at this wiki page
The reason that this is such a sore point is that OJS requires good relational data storage for content attached to users: who reviewed what; who has what role; etc. This means it's necessary for OJS to maintain its own user database for the sake of maintaining a reliable audit trail for the journals. Having that database synchronize against a separate database of some sort introduces a lot of questions about how alignment should be maintained. We haven't managed to determine best practices here.
Public Knowledge Project Team