For (2), I think so. I am not fully clued up on auth although my name is on several of the files. :)
I thought there was more documentation on this at splitbrain than I was able to find. You may want to scour the mailing list or start a thread there as I am sure its been discussed previously.
Afaik, you will need your own auth class. Your class will most likely use the "external" setting which bypasses auth_login(). You can use the login redirector plugin to direct users to you cms login page if they land at the wiki without having logged in or have the trustExternal() method provide authentication against the same user list that the cms uses. I think (I'm not being terribly helpful here :)) if you use "external" you should be able to control the non-standard characters.
Anyways, you'll probably get a better response to your questions on this at the
mailing list.