<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <div class="moz-cite-prefix">Just to understand. I saw the
      SecurityIdentiy will be called by
      KeycloakHttpServerAuthenticationMechanism, and this will finally
      trigger<br>
      the KeycloakSecurityRealm to create identity.   To make this all
      work, we need to <br>
      configure KeycloakSecurityRealm and
      KeycloakHttpServerAuthenticationMechanism under Elytron subsystem,
      right?<br>
      <br>
       <br>
       06/07/2018 12:25 AM, Pedro Igor Silva wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CAJrcDBfO0Jw1DM7Xoz2S7VMgy_sByOKV4-TFiZuG6YxDhqypVA@mail.gmail.com">
      <div dir="ltr">I don't think Keycloak integration code can be
        worked to be a common utility.
        <div><br>
        </div>
        <div>It seems to me that you would need a specific security
          realm implementation from where you could just return an
          authorized identity as a result of parsing the SAML assertion.
          Here is what we have in Keycloak [1]. As you can see, we are
          basically trusting a KeycloakPrincipal, previously created by
          the keycloak adapter, and creating an authorization identity
          from it. We don't re-authenticate the user.</div>
        <div><br>
        </div>
        <div>So when pushContext is called, you could use
          serverauthenticationcontext and the CBH to ask Elytron for a
          security identity. See [2]. In this last example, we pass the
          previously authenticated principal via <span style="color:rgb(36,41,46);font-family:SFMono-Regular,Consolas,&quot;Liberation Mono&quot;,Menlo,Courier,monospace;font-size:12px;white-space:pre;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">EvidenceVerifyCallback.</span></div>
        <div><span style="color:rgb(36,41,46);font-family:SFMono-Regular,Consolas,&quot;Liberation Mono&quot;,Menlo,Courier,monospace;font-size:12px;white-space:pre;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">
</span></div>
        <div><span
style="font-size:small;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">I
            think this might work for you.</span><br>
        </div>
        <div><br>
        </div>
        <div>[1] <a
href="https://github.com/pedroigor/keycloak/blob/d3e559453b7dcf6f0d9f32c5a9a7f8c49403bb3a/adapters/oidc/wildfly-elytron/src/main/java/org/keycloak/adapters/elytron/KeycloakSecurityRealm.java#L83"
            moz-do-not-send="true">https://github.com/pedroigor/keycloak/blob/d3e559453b7dcf6f0d9f32c5a9a7f8c49403bb3a/adapters/oidc/wildfly-elytron/src/main/java/org/keycloak/adapters/elytron/KeycloakSecurityRealm.java#L83</a></div>
        <div>[2] <a
href="https://github.com/pedroigor/keycloak/blob/d3dee07956be8d0ac69466ac9367984ab0ea072d/adapters/oidc/wildfly-elytron/src/main/java/org/keycloak/adapters/elytron/SecurityIdentityUtil.java#L45"
            moz-do-not-send="true">https://github.com/pedroigor/keycloak/blob/d3dee07956be8d0ac69466ac9367984ab0ea072d/adapters/oidc/wildfly-elytron/src/main/java/org/keycloak/adapters/elytron/SecurityIdentityUtil.java#L45</a></div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Wed, Jun 6, 2018 at 12:30 AM, Jim Ma
          <span dir="ltr">&lt;<a href="mailto:ema@redhat.com"
              target="_blank" moz-do-not-send="true">ema@redhat.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div text="#000000" bgcolor="#FFFFFF"><span class="">
                <div class="m_-520751116552800486moz-cite-prefix">On
                  06/04/2018 09:31 PM, Pedro Igor Silva wrote:<br>
                </div>
                <blockquote type="cite">
                  <div dir="ltr">
                    <div><span
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">
                        <div
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial">In
                          Keycloak integration we have a specific
                          security realm implementation that expects a
                          principal previously authenticated by a
                          keycloak adapter (e.g.: using SAML or OIDC)
                          and builds an authorized identity based on it.
                          Basically, what this security realm does is
                          populate the authorized idenitty with
                          information from tokens.</div>
                        <div
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial"><br>
                        </div>
                      </span></div>
                    <span
style="color:rgb(34,34,34);font-family:arial,sans-serif;font-size:small;font-style:normal;font-variant-ligatures:normal;font-variant-caps:normal;font-weight:400;letter-spacing:normal;text-align:start;text-indent:0px;text-transform:none;white-space:normal;word-spacing:0px;background-color:rgb(255,255,255);text-decoration-style:initial;text-decoration-color:initial;float:none;display:inline">Later
                      we complete authentication in Elytron and set the
                      token as a credential into the identity. It is
                      worth mention that in Keycloak integration, the
                      adapter is a Elytron HTTP Authentication
                      Mechanism, so we don't deal directly with the
                      security domain but with the callback handler.</span>
                    <div><br>
                    </div>
                    <div>Regarding ElytronSecurityDomainContextIm<wbr>pl,
                      is method pushContext called after a call to
                      isValid ? If so, the security domain should be set
                      with the security identity and you don't even need
                      to keep that ThreadLocal ...<br>
                    </div>
                  </div>
                </blockquote>
                  <br>
              </span>  Thanks Pedro . Do you think the keycloak Elytron
              integration code can be improved or changed to a common
              utility to convert the principal to an Elytron identity?<br>
               Can you please point me the integration code or some
              Elytron example code snippet to build this authorized
              identity from a authenticated principal ?     <br>
              <div>
                <div class="h5"> <br>
                  <blockquote type="cite">
                    <div dir="ltr">
                      <div>
                        <div class="gmail_extra"><br>
                          <div class="gmail_quote">On Thu, May 31, 2018
                            at 7:03 AM, Darran Lofthouse <span
                              dir="ltr">&lt;<a
                                href="mailto:darran.lofthouse@redhat.com"
                                target="_blank" moz-do-not-send="true">darran.lofthouse@redhat.com</a>&gt;</span>
                            wrote:<br>
                            <blockquote class="gmail_quote"
                              style="margin:0px 0px 0px
                              0.8ex;border-left:1px solid
                              rgb(204,204,204);padding-left:1ex">
                              <div dir="ltr">Just added Pedro in CC so
                                see if he has any suggestions - this is
                                sounding similar to the problems he
                                would have needed to handle when he
                                added support for KeyCloak integration
                                using the Elytron APIs.  </div>
                            </blockquote>
                            <blockquote class="gmail_quote"
                              style="margin:0px 0px 0px
                              0.8ex;border-left:1px solid
                              rgb(204,204,204);padding-left:1ex">
                              <div dir="ltr">
                                <div><br>
                                </div>
                                <div>Although the reported problem we
                                  are working on is in the context of
                                  access to the token it does currently
                                  sound that there is a missing
                                  pre-requisite step of tying the
                                  authentication to Elytron to we can
                                  populate a SecurityIdentity.  But this
                                  does not sound like the first time we
                                  have needed to approach this. </div>
                              </div>
                            </blockquote>
                            <blockquote class="gmail_quote"
                              style="margin:0px 0px 0px
                              0.8ex;border-left:1px solid
                              rgb(204,204,204);padding-left:1ex">
                              <div dir="ltr">
                                <div><br>
                                </div>
                                <div>Regards,</div>
                                <div>Darran Lofthouse.</div>
                                <div>
                                  <div
                                    class="m_-520751116552800486gmail-h5">
                                    <div><br>
                                      <br>
                                      <div class="gmail_quote">
                                        <div dir="ltr">On Thu, 31 May
                                          2018 at 10:54 Jim Ma &lt;<a
                                            href="mailto:ema@redhat.com"
                                            target="_blank"
                                            moz-do-not-send="true">ema@redhat.com</a>&gt;
                                          wrote:<br>
                                        </div>
                                        <blockquote class="gmail_quote"
                                          style="margin:0px 0px 0px
                                          0.8ex;border-left:1px solid
                                          rgb(204,204,204);padding-left:1ex">
                                          <div bgcolor="#FFFFFF">
                                            <div
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187moz-cite-prefix">On
                                              05/31/2018 05:37 PM,
                                              Darran Lofthouse wrote:<br>
                                            </div>
                                            <blockquote type="cite">
                                              <div dir="ltr">So the
                                                validation is within
                                                Apache CXF - is there an
                                                end result to this
                                                validation where you
                                                have access to
                                                everything you need
                                                where we could perform
                                                some additional steps?
                                                <div><br>
                                                </div>
                                              </div>
                                            </blockquote>
                                            <br>
                                          </div>
                                          <div bgcolor="#FFFFFF">  After
                                            Apache CXF validation, we
                                            can get a LoginContext from
                                            CXF's exchange message : <a
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187moz-txt-link-freetext"
href="https://github.com/apache/cxf/blob/master/core/src/main/java/org/apache/cxf/security/LoginSecurityContext.java"
                                              target="_blank"
                                              moz-do-not-send="true">https://github.com/apache/cxf/<wbr>blob/master/core/src/main/java<wbr>/org/apache/cxf/security/Login<wbr>SecurityContext.java</a><br>
                                             Can we do something to
                                            convert it to an Elytron
                                            authenticated identity ? <br>
                                             Or we have to hook/replace
                                            something with Elytron in
                                            CXF's validation to make
                                            this work ?</div>
                                          <div bgcolor="#FFFFFF"><br>
                                            <br>
                                            <blockquote type="cite"><br>
                                              <div class="gmail_quote">
                                                <div dir="ltr">On Thu,
                                                  31 May 2018 at 10:34
                                                  Jim Ma &lt;<a
                                                    href="mailto:ema@redhat.com"
                                                    target="_blank"
                                                    moz-do-not-send="true">ema@redhat.com</a>&gt;
                                                  wrote:<br>
                                                </div>
                                                <blockquote
                                                  class="gmail_quote"
                                                  style="margin:0px 0px
                                                  0px
                                                  0.8ex;border-left:1px
                                                  solid
                                                  rgb(204,204,204);padding-left:1ex">
                                                  <div bgcolor="#FFFFFF">
                                                    <div
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187m_399130190808493830moz-cite-prefix">The
                                                      saml validation is
                                                      now Apache CXF's
                                                      SAML
                                                      functionality. We
                                                      can't port the
                                                      CXF's security to
                                                      rely on <br>
                                                      our Elytron.   <br>
                                                    </div>
                                                  </div>
                                                  <div bgcolor="#FFFFFF">
                                                    <div
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187m_399130190808493830moz-cite-prefix">
                                                      <br>
                                                      On 05/31/2018
                                                      05:07 PM, Darran
                                                      Lofthouse wrote:<br>
                                                    </div>
                                                  </div>
                                                  <div bgcolor="#FFFFFF">
                                                    <blockquote
                                                      type="cite">
                                                      <div dir="ltr">It
                                                        sounds to me
                                                        then that the
                                                        place to start
                                                        is within the
                                                        SAML validation,
                                                        this is
                                                        effectively an
                                                        authentication
                                                        step so should
                                                        be ported over
                                                        to an Elytron
                                                        based
                                                        authentication -
                                                        the end result
                                                        of the
                                                        authentication
                                                        would then be
                                                        the required
                                                        SecurityIdentity
                                                        to propagate
                                                        from container
                                                        to container.
                                                        <div><br>
                                                        </div>
                                                      </div>
                                                      <br>
                                                      <div
                                                        class="gmail_quote">
                                                        <div dir="ltr">On
                                                          Thu, 31 May
                                                          2018 at 03:57
                                                          Jim Ma &lt;<a
href="mailto:ema@redhat.com" target="_blank" moz-do-not-send="true">ema@redhat.com</a>&gt;
                                                          wrote:<br>
                                                        </div>
                                                        <blockquote
                                                          class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid
                                                          rgb(204,204,204);padding-left:1ex">
                                                          <div
                                                          bgcolor="#FFFFFF">
                                                          <div
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187m_399130190808493830m_5946244944197837763moz-cite-prefix">On
                                                          05/30/2018
                                                          09:47 PM,
                                                          Darran
                                                          Lofthouse
                                                          wrote:<br>
                                                          </div>
                                                          <blockquote
                                                          type="cite">
                                                          <div dir="ltr">I
                                                          am currently
                                                          gathering
                                                          together some
                                                          information
                                                          regarding how
                                                          the JCA
                                                          subsystem
                                                          handles the
                                                          requirement of
                                                          populating a
                                                          Subject for
                                                          propagation
                                                          into a
                                                          resource
                                                          adapter,
                                                          however there
                                                          is a general
                                                          question about
                                                          what is
                                                          attempting to
                                                          be achieved
                                                          here.
                                                          <div><br>
                                                          </div>
                                                          <div>Once an
                                                          EJB is secured
                                                          using WildFly
                                                          Elytron the
                                                          associated
                                                          identity is
                                                          not accessed
                                                          as a Subject
                                                          instead it is
                                                          accessed a
                                                          SecurityIdentity
                                                          the current
                                                          SecurityIdentity
                                                          can always be
                                                          retrieved by
                                                          calling the
                                                          current
                                                          SecurityDomain:
                                                          -</div>
                                                          <div><br>
                                                          </div>
                                                          <div><a
href="http://wildfly-security.github.io/wildfly-elytron/1.3.x/api-javadoc/org/wildfly/security/auth/server/SecurityDomain.html#getCurrent--"
target="_blank" moz-do-not-send="true">http://wildfly-security.github<wbr>.io/wildfly-elytron/1.3.x/api-<wbr>javadoc/org/wildfly/security/<wbr>auth/server/SecurityDomain.<wbr>html#getCurrent--</a></div>
                                                          <div><a
href="http://wildfly-security.github.io/wildfly-elytron/1.3.x/api-javadoc/org/wildfly/security/auth/server/SecurityDomain.html#getCurrentSecurityIdentity--"
target="_blank" moz-do-not-send="true">http://wildfly-security.github<wbr>.io/wildfly-elytron/1.3.x/api-<wbr>javadoc/org/wildfly/security/<wbr>auth/server/SecurityDomain.<wbr>html#getCurrentSecurityIdentit<wbr>y--</a></div>
                                                          <div><br>
                                                          </div>
                                                          <div>The
                                                          SecurityIdentity
                                                          has some
                                                          similarity
                                                          with the
                                                          Subject in
                                                          that amongst
                                                          other things
                                                          it also
                                                          contains a
                                                          collection of
                                                          public
                                                          credentials
                                                          and a
                                                          collection of
                                                          private
                                                          credentials: -</div>
                                                          <div><br>
                                                          </div>
                                                          <div><a
href="http://wildfly-security.github.io/wildfly-elytron/1.3.x/api-javadoc/org/wildfly/security/auth/server/SecurityIdentity.html#getPublicCredentials--"
target="_blank" moz-do-not-send="true">http://wildfly-security.github<wbr>.io/wildfly-elytron/1.3.x/api-<wbr>javadoc/org/wildfly/security/<wbr>auth/server/SecurityIdentity.<wbr>html#getPublicCredentials--</a></div>
                                                          <div><a
href="http://wildfly-security.github.io/wildfly-elytron/1.3.x/api-javadoc/org/wildfly/security/auth/server/SecurityIdentity.html#getPrivateCredentials--"
target="_blank" moz-do-not-send="true">http://wildfly-security.github<wbr>.io/wildfly-elytron/1.3.x/api-<wbr>javadoc/org/wildfly/security/<wbr>auth/server/SecurityIdentity.<wbr>html#getPrivateCredentials--</a></div>
                                                          <div><br>
                                                          </div>
                                                          <div>So I
                                                          think the very
                                                          first question
                                                          is has the
                                                          SecurityIdentity
                                                          been correctly
                                                          populated with
                                                          any delegated
                                                          credentials? 
                                                          If not that is
                                                          going to be a
                                                          pre-requisite
                                                          for any follow
                                                          on steps
                                                          regardless.</div>
                                                          <div><br>
                                                          </div>
                                                          <div>Then
                                                          secondly what
                                                          is it that is
                                                          making use of
                                                          this
                                                          identity?  Why
                                                          can't it be
                                                          ported to make
                                                          use of the
                                                          Elytron
                                                          authentication
                                                          client APIs
                                                          which amongst
                                                          other things
                                                          provide
                                                          support for
                                                          delegation
                                                          from the
                                                          current
                                                          identity.</div>
                                                          </div>
                                                          </blockquote>
                                                          <blockquote
                                                          type="cite">
                                                          <div dir="ltr">
                                                          <div><br>
                                                          </div>
                                                          <div>If we
                                                          need to we can
                                                          look at a
                                                          conversion to
                                                          a Subject but
                                                          we are only
                                                          doing that
                                                          where it is
                                                          really
                                                          required.</div>
                                                          </div>
                                                          </blockquote>
                                                          <br>
                                                          </div>
                                                          <div
                                                          bgcolor="#FFFFFF">
                                                            We don't
                                                          have the
                                                          SecurityIdentity
                                                          populated,
                                                          there is only
                                                          principal and
                                                          subject
                                                          created by
                                                          jbossws/CXF's
                                                          saml
                                                          validator. <br>
                                                            We need to
                                                          convert the
                                                          subject/principal
                                                          to Elytron's
                                                          SecurityIdentity
                                                          or something
                                                          else, then
                                                          later on EJB
                                                          subystem with
                                                          Elytron <br>
                                                            security can
                                                          retrieve this
                                                          authenticated
                                                          info without
                                                          check it
                                                          twice. So we'd
                                                          like to know
                                                          how can we
                                                          convert a
                                                          subject/principal
                                                          <br>
                                                            to Elytron's
SecurityIdentity and let Elytron know this is already authenticated and
                                                          authorized. <br>
                                                          <br>
                                                          Thanks,<br>
                                                          Jim   <br>
                                                          </div>
                                                          <div
                                                          bgcolor="#FFFFFF">
                                                          <br>
                                                          <br>
                                                          <blockquote
                                                          type="cite">
                                                          <div dir="ltr">
                                                          <div><br>
                                                          </div>
                                                          <div>Regards,</div>
                                                          <div>Darran
                                                          Lofthouse.</div>
                                                          <div><br>
                                                          <br>
                                                          <div
                                                          class="gmail_quote">
                                                          <div dir="ltr">On
                                                          Wed, 30 May
                                                          2018 at 10:27
                                                          Alessio
                                                          Soldano &lt;<a
href="mailto:asoldano@redhat.com" target="_blank" moz-do-not-send="true">asoldano@redhat.com</a>&gt;
                                                          wrote:<br>
                                                          </div>
                                                          <blockquote
                                                          class="gmail_quote"
style="margin:0px 0px 0px 0.8ex;border-left:1px solid
                                                          rgb(204,204,204);padding-left:1ex">
                                                          <div dir="ltr">
                                                          <div>As
                                                          suggested by
                                                          Darran, I'm
                                                          forwarding the
                                                          message below
                                                          to the list on
                                                          behalf of Jim.<br>
                                                          </div>
                                                          The classes
                                                          Jim is
                                                          referring to
                                                          are at <a
href="https://github.com/wildfly/wildfly/tree/master/webservices/server-integration/src/main/java/org/jboss/as/webservices/security"
target="_blank" moz-do-not-send="true">https://github.com/wildfly/wil<wbr>dfly/tree/master/webservices/<wbr>server-integration/src/main/<wbr>java/org/jboss/as/webservices/<wbr>security</a>
                                                          <br>
                                                          <br>
                                                          <div><br>
                                                          <div
                                                          class="gmail_quote">----------
                                                          Forwarded
                                                          message
                                                          ----------<br>
                                                          From: <b
                                                          class="gmail_sendername">Jim
                                                          Ma</b> <span
                                                          dir="ltr">&lt;<a
href="mailto:ema@redhat.com" target="_blank" moz-do-not-send="true">ema@redhat.com</a>&gt;</span><br>
                                                          Date: Wed, May
                                                          30, 2018 at
                                                          9:03 AM<br>
                                                          Subject: Set
                                                          an authorized
                                                          identity to
                                                          EltyronSecurity
                                                          Context<br>
                                                          To: Darran
                                                          Lofthouse &lt;<a
href="mailto:darran.lofthouse@redhat.com" target="_blank"
                                                          moz-do-not-send="true">darran.lofthouse@redhat.com</a>&gt;<br>
                                                          Cc: Alessio
                                                          Soldano &lt;<a
href="mailto:asoldano@redhat.com" target="_blank" moz-do-not-send="true">asoldano@redhat.com</a>&gt;<br>
                                                          <br>
                                                          <br>
                                                          Hi Darran,<br>
                                                          <br>
                                                          We are helping
                                                          look at a
                                                          customer issue
                                                          which requires
                                                          propagate the
                                                          authenticated
                                                          subject from
                                                          webservice
                                                          subsystem to<br>
                                                          <br>
                                                          ejb subystem.
                                                          With old
                                                          security
                                                          domain , we
                                                          can do this
                                                          with creating
                                                          a subject :<br>
                                                          <br>
                                                              @Override<br>
                                                              public
                                                          void
                                                          pushSubjectContext(final
                                                          Subject
                                                          subject, final
                                                          Principal
                                                          principal,
                                                          final Object
                                                          credential) {<br>
                                                                 
                                                          AccessController.doPrivileged(<wbr>new
PrivilegedAction&lt;Void&gt;() {<br>
                                                          <br>
                                                                     
                                                          public Void
                                                          run() {<br>
                SecurityContext securityContext =
                                                          SecurityContextAssociation.get<wbr>SecurityContext();<br>
                if (securityContext == null) {<br>
                    securityContext = createSecurityContext(getSecur<wbr>ityDomain());<br>
setSecurityContextOnAssociatio<wbr>n(securityContext);<br>
                }<br>
securityContext.getUtil().crea<wbr>teSubjectInfo(principal, credential,
                                                          subject);<br>
                return null;<br>
                                                                      }<br>
                                                                  });<br>
                                                              }<br>
                                                          <br>
                                                          <br>
                                                          After
                                                          Elytron,  what
                                                          is the
                                                          equivalent
                                                          thing to do
                                                          this  then ejb
                                                          can retrieve
                                                          this security
                                                          without check
                                                          this twice ?<br>
                                                          <br>
                                                          Thanks,<br>
                                                          <br>
                                                          Jim<br>
                                                          <br>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          <div dir="ltr">
                                                          <div><br>
                                                          <br
                                                          clear="all">
                                                          <br>
                                                          -- <br>
                                                          <div
class="m_-520751116552800486gmail-m_6817568120572316212m_6492737856986601187m_399130190808493830m_5946244944197837763m_-7102110169809177803gmail_signature">
                                                          <div dir="ltr">
                                                          <div>
                                                          <p
style="font-weight:bold;margin:0px;padding:0px;font-size:14px;text-transform:uppercase"><span>Alessio</span>
                                                          <span>Soldano</span></p>
                                                          <p
                                                          style="font-weight:normal;font-size:10px;margin:0px
                                                          0px
                                                          4px;text-transform:uppercase"><span>Associate
                                                          Manager</span><span
style="font-weight:normal;color:rgb(170,170,170);margin:0px"></span></p>
                                                          <p
style="font-weight:normal;margin:0px;font-size:10px;color:rgb(153,153,153)"><a
style="color:rgb(0,136,206);font-size:10px;margin:0px;text-decoration:none;font-family:overpass,sans-serif"
href="https://www.redhat.com" target="_blank" moz-do-not-send="true">Red
                                                          Hat <span><br>
                                                          <br>
                                                          </span></a></p>
                                                          <table
                                                          border="0">
                                                          <tbody>
                                                          <tr>
                                                          <td
                                                          width="100px"><a
href="https://red.ht/sig" target="_blank" moz-do-not-send="true"> <img
src="https://www.redhat.com/files/brand/email/sig-redhat.png"
                                                          moz-do-not-send="true"
                                                          height="auto"
                                                          width="90"></a>
                                                          </td>
                                                          </tr>
                                                          </tbody>
                                                          </table>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </blockquote>
                                                          </div>
                                                          </div>
                                                          </div>
                                                          </blockquote>
                                                          <p><br>
                                                          </p>
                                                          </div>
                                                        </blockquote>
                                                      </div>
                                                    </blockquote>
                                                    <p><br>
                                                    </p>
                                                  </div>
                                                </blockquote>
                                              </div>
                                            </blockquote>
                                            <p><br>
                                            </p>
                                          </div>
                                        </blockquote>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                            </blockquote>
                          </div>
                          <br>
                        </div>
                      </div>
                    </div>
                  </blockquote>
                  <p><br>
                  </p>
                </div>
              </div>
            </div>
          </blockquote>
        </div>
        <br>
      </div>
    </blockquote>
    <p><br>
    </p>
  </body>
</html>