From d7c3883e533c667d6d09d775b25b6d4c2d0bc41e Mon Sep 17 00:00:00 2001
From: Matthew Jason Benson <mbenson@apache.org>
Date: Fri, 27 Mar 2009 19:52:08 +0000
Subject: [PATCH] document SecureInputHandler and add to known input handler
 types

git-svn-id: https://svn.apache.org/repos/asf/ant/core/trunk@759322 13f79535-47bb-0310-9956-ffa450edef68
---
 WHATSNEW                                          |  6 ++++++
 docs/manual/CoreTasks/input.html                  | 15 +++++++++------
 docs/manual/inputhandler.html                     |  6 ++++++
 src/main/org/apache/tools/ant/taskdefs/Input.java | 11 ++++++-----
 4 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/WHATSNEW b/WHATSNEW
index c76a4c4f4..b280810ad 100644
--- a/WHATSNEW
+++ b/WHATSNEW
@@ -706,6 +706,9 @@ Other changes:
    file name and comment encoding.  Please see the zip tasks'
    documentation for details.
 
+ * <input ...><handler type="secure" /></input> now uses previously undocumented
+   SecureInputHandler shipped with Ant 1.7.1.
+
 Changes from Ant 1.7.0 TO Ant 1.7.1
 =============================================
 
@@ -932,6 +935,9 @@ Other changes:
 * <javac> handles package-info.java files, there were repeatedly compiled.
   Bugzilla 43114.
 
+* SecureInputHandler added to use Java 6 System.console().readPassword()
+  when available.
+
 Changes from Ant 1.6.5 to Ant 1.7.0
 ===================================
 
diff --git a/docs/manual/CoreTasks/input.html b/docs/manual/CoreTasks/input.html
index 4671fa2d8..021e16bb5 100644
--- a/docs/manual/CoreTasks/input.html
+++ b/docs/manual/CoreTasks/input.html
@@ -46,10 +46,13 @@ Since Ant 1.6, <code>&lt;input&gt;</code> will not prompt for input if
 a property should be set by the task that has already been set in the
 project (and the task wouldn't have any effect).</p>
 
-<p>A regular complaint about this task is that it echoes characters to the
-console, this is a critical security defect, we must fix it immediately, etc, etc.
-We know it leaves something to be desired, but the problem is Java, not Ant.
-There is nothing we can do to stop the console echoing. </p>
+<p>Historically, a regular complaint about this task has been that it echoes
+characters to the console, this is a critical security defect, we must fix it
+immediately, etc, etc.  This problem was due to the lack in early versions of
+Java of a (fully functional) facility for handling secure console input.
+In Java 1.6 that shortcoming in Java's API was addressed and Ant versions 1.7.1
+and 1.8 have added support for Java 1.6's secure console input feature
+(see <a href="#handler.type">handler type</a>).</p>
 
 <p>
 IDE behaviour depends upon the IDE: some hang waiting for input, some let you
@@ -107,8 +110,8 @@ among different Input tasks.
     <td align="center" valign="top"><b>Required</b></td>
   </tr>
   <tr>
-    <td valign="top">type</td>
-    <td valign="top">one of "default","propertyfile", or "greedy".
+    <td valign="top"><a name="handler.type" />type</td>
+    <td valign="top">one of "default","propertyfile", "greedy", or "secure" (since Ant 1.8).
     </td>
     <td align="center" valign="top" rowspan="3">One of these</td>
   </tr>
diff --git a/docs/manual/inputhandler.html b/docs/manual/inputhandler.html
index d33493429..479c858e0 100644
--- a/docs/manual/inputhandler.html
+++ b/docs/manual/inputhandler.html
@@ -94,6 +94,12 @@ define it inside the <code>ANT_OPTS</code> environment variable.</p>
 input. However, it consumes <i>all</i> available input. This behavior is
 useful for sending Ant input via an OS pipe. <b>Since Ant 1.7</b>.</p>
 
+<h3>SecureInputHandler</h3>
+
+<p>This InputHandler calls <code>System.console().readPassword()</code>,
+available since Java 1.6.  On earlier platforms it falls back to the
+behavior of DefaultInputHandler. <b>Since Ant 1.7.1</b>.</p>
+
 <h2>InputRequest</h2>
 
 <p>Instances of <code>org.apache.tools.ant.input.InputRequest</code>
diff --git a/src/main/org/apache/tools/ant/taskdefs/Input.java b/src/main/org/apache/tools/ant/taskdefs/Input.java
index 72479c44d..11817a75f 100644
--- a/src/main/org/apache/tools/ant/taskdefs/Input.java
+++ b/src/main/org/apache/tools/ant/taskdefs/Input.java
@@ -28,6 +28,7 @@ import org.apache.tools.ant.input.InputHandler;
 import org.apache.tools.ant.input.InputRequest;
 import org.apache.tools.ant.input.MultipleChoiceInputRequest;
 import org.apache.tools.ant.input.PropertyFileInputHandler;
+import org.apache.tools.ant.input.SecureInputHandler;
 import org.apache.tools.ant.types.EnumeratedAttribute;
 import org.apache.tools.ant.util.ClasspathUtils;
 import org.apache.tools.ant.util.StringUtils;
@@ -116,16 +117,16 @@ public class Input extends Task {
 
     /**
      * EnumeratedAttribute representing the built-in input handler types:
-     * "default", "propertyfile", "greedy".
+     * "default", "propertyfile", "greedy", "secure" (since Ant 1.8).
      */
     public static class HandlerType extends EnumeratedAttribute {
-        private static final String[] VALUES
-            = {"default", "propertyfile", "greedy"};
+        private static final String[] VALUES = { "default", "propertyfile", "greedy", "secure" };
 
         private static final InputHandler[] HANDLERS
-            = {new DefaultInputHandler(),
+            = { new DefaultInputHandler(),
                new PropertyFileInputHandler(),
-               new GreedyInputHandler()};
+               new GreedyInputHandler(),
+               new SecureInputHandler() };
 
         /** {@inheritDoc} */
         public String[] getValues() {