To enable us to support partitioning within the identity management module, I'd like to implement a feature similar to what we had in the previous version of PicketLink IDM, FeaturesMetaData [1]. The IdentityStore interface returns an instance of this (see [2]) which can be used to determine the exact capabilities supported by that IdentityStore instance. This is important for use cases such as where users may be stored in one identity store (such as an LDAP directory), and role and group memberships might be stored in another store (e.g. a database). I will probably implement this in a slightly different fashion using a Set of enum values instead, however the functionality will by and large remain the same. If anyone has any feedback on this proposal, please let me know otherwise I'll proceed with the implementation in the next day or so. Shane [1] https://github.com/picketlink/picketlink-idm/blob/1.4/picketlink-idm-spi/... [2] https://github.com/picketlink/picketlink-idm/blob/1.4/picketlink-idm-spi/...