6829785: TextCallbackHandler does not honor PasswordCallback.isEchoOn()
Reviewed-by: mullan
--- a/jdk/src/share/classes/com/sun/security/auth/callback/TextCallbackHandler.java Fri Aug 14 14:29:45 2009 -0700
+++ b/jdk/src/share/classes/com/sun/security/auth/callback/TextCallbackHandler.java Tue Aug 18 10:20:50 2009 +0800
@@ -129,7 +129,7 @@
System.err.print(pc.getPrompt());
System.err.flush();
- pc.setPassword(Password.readPassword(System.in));
+ pc.setPassword(Password.readPassword(System.in, pc.isEchoOn()));
} else if (callbacks[i] instanceof ConfirmationCallback) {
confirmation = (ConfirmationCallback) callbacks[i];
--- a/jdk/src/share/classes/sun/security/util/Password.java Fri Aug 14 14:29:45 2009 -0700
+++ b/jdk/src/share/classes/sun/security/util/Password.java Tue Aug 18 10:20:50 2009 +0800
@@ -1,5 +1,5 @@
/*
- * Copyright 2003-2006 Sun Microsystems, Inc. All Rights Reserved.
+ * Copyright 2003-2009 Sun Microsystems, Inc. All Rights Reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -37,6 +37,14 @@
public class Password {
/** Reads user password from given input stream. */
public static char[] readPassword(InputStream in) throws IOException {
+ return readPassword(in, false);
+ }
+
+ /** Reads user password from given input stream.
+ * @param isEchoOn true if the password should be echoed on the screen
+ */
+ public static char[] readPassword(InputStream in, boolean isEchoOn)
+ throws IOException {
char[] consoleEntered = null;
byte[] consoleBytes = null;
@@ -44,7 +52,7 @@
try {
// Use the new java.io.Console class
Console con = null;
- if (in == System.in && ((con = System.console()) != null)) {
+ if (!isEchoOn && in == System.in && ((con = System.console()) != null)) {
consoleEntered = con.readPassword();
// readPassword returns "" if you just print ENTER,
// to be compatible with old Password class, change to null
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/com/sun/security/auth/callback/TextCallbackHandler/Password.java Tue Aug 18 10:20:50 2009 +0800
@@ -0,0 +1,47 @@
+/*
+ * Copyright 2009 Sun Microsystems, Inc. All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6825240
+ * @summary Password.readPassword() echos the input when System.Console is null
+ * @ignore run these by hand
+ */
+
+import com.sun.security.auth.callback.TextCallbackHandler;
+import javax.security.auth.callback.*;
+
+public class Password {
+ public static void main(String args[]) throws Exception {
+ TextCallbackHandler h = new TextCallbackHandler();
+ PasswordCallback nc = new PasswordCallback("Invisible: ", false);
+ PasswordCallback nc2 = new PasswordCallback("Visible: ", true);
+
+ System.out.println("Two passwords will be prompted for. The first one " +
+ "should have echo off, the second one on. Otherwise, this test fails");
+ Callback[] callbacks = { nc, nc2 };
+ h.handle(callbacks);
+ System.out.println("You input " + new String(nc.getPassword()) +
+ " and " + new String(nc2.getPassword()));
+ }
+}