BitKoo and OpenIG have solutions that attempt to resolve this issue.
Basically, a Proxy/Gateway is introduced. This is where the access to the actual application is intercepted and password being replayed securely.
In the case of BitKoo, user credential is stored securely in a keystore.
On the other hand, OpenIG (aka ApexIdentity Gateway) integrates, out-of-the-box, with all 3rd party web access management solutions (e.g. OpenAM).
The key point is any web application can come on-board without ever modifying the target application again.