1. That's an awesome plugin! Thanks for linking it. I wonder if it works with ADFS (the MS Active Directory version of what shibboleth does).
2. (This part is premised on familiarity with the ldap plugin and reading the CAS/shibboleth plugin descriptions.) The problem with your goal is that wordpress doesn't actually know what users are in your shibboleth user directories UNTIL they've been added to a site. If it's like the LDAP plugin, when a blog admin types in the user's LDAP account name it queries the LDAP server to see if they exist, if so then it creates a matching entry in wordpress's database.
So while it's entirely possible to write a plugin to change the Add User page to show the list of wordpress users to blog admins (pulling from the same list as the Site Admin > Users list), it wouldn't show users that are in your directory that haven't been added yet. It's a great idea for a plugin for MU installs only using the local wordpress accounts, but for LDAP/CAS/Shibboleth setups it's a UI catch-22. The user has to be added to display their account name, but without knowing their account name they can't be added.
The only way out of this conundrum would be for the CAS/shibboleth plugin to be able to actually provide a way to do a search for users in the user directories (not wordpress DB) and display a list of matches for the blog admin to select from.
Two good plugin ideas!