I'm throwing this out there for ideas - I wouldn't mind contributing myself, but haven't become familiar enough with the source code to know all the different dependencies that would need to be modified.
I would like to see some form of modular authentication built into the administration system - specifically I have LDAP in mind. To that end, with the right authorizations, you could theoretically store server configuration within the LDAP system also for central configuration management. Anyways, OAuth/OpenID authentication would be awesome, as well as PAM, GitHub, some form of database other than LDAP, or even some form of client certificate authentication.
My point is, Railo currently saves passwords locally to the instance. This can be a configuration headache for environments requiring password updates every X days for Y servers...
Anyways, that's enough of my ramblings. Thoughts?