How should i pass the password(containing special chars) as commandline argument?

Question

I have a deployment script to which i have to pass LDAP password as cmd paramater.

actual password:  foo\$ser"ver\\ 1  (contains three space characters: at the beginning, before 1, and after 1)

e.g

...bin>deployment.bat LDAPPassword= foo\$ser\"ver\\ 1 

Note:There are spaces in the password as shown at the beginning.

The deployment.bat calls a class to which the above parameter is passed as an argument. The problem is that the class receives 2 distinct arguments:

args[0]= foo\$ser"ver\\            //The space after \\ is omitted
args[1]=1                          //The space before and after 1 is omitted

How do I pass this password so that it is received as single string?

I have already tried quoting the password as

...bin>deployment.bat LDAPPassword=" foo\$ser"ver\\ 1 "

however it won't work.

Answer 1

You can't escape your password in any way.
As some combinations with quotes together with spaces can't be placed into one parameter.

Like this " (<space><quote><space>) even if you add some quotes around, it's not possible, even if you quote the spaces and the quotes itself.

myBat  " 
myBat " " "
myBat ^ " 
myBat ^"^ ^"^ ^"

Here is the best to double all quotes inside your password and enclose your password into quotes.
Then you can use all other characters are without any problems.

deployment.bat " foo\$ser\""ver\ 1 "

And in deployment.bat

@echo off
setlocal DisableDelayedExpansion
set "pwd=%~1"
setlocal EnableDelayedExpansion
set "pwd=!pwd:""="!"
echo pwd='!pwd!'

You should use your password only with delayed expansion to avoid problems with special characterts.

For accessing command line parameters you could also look at
SO: How to receive even the strangest command line parameters?

Answer 2

" foo\$ser\"ver\ 1 "

To quote the full string you need to escape the quote so it is not seen as an ending quote.

And in the cases where the quote is already prefixed with a backslash, then you will also have to escape the backslash. So a password as

this isa\"test

should be written as

"thisisa\\\"test"

For more information, this is the "usual" way of parsing arguments in windows.

EDITED - Just to document tests. Using this batch file (test.cmd)

@echo off
    cls
    echo(--------------------------------------------
    echo [%1][%2][%3][%4][%5][%6][%7][%8][%9]
    echo(--------------------------------------------
    cmdline.exe %1 %2 %3 %4 %5 %6 %7 %8 %9
    echo(--------------------------------------------
    cmdline.exe %*
    echo(--------------------------------------------
    java CmdLine  %1 %2 %3 %4 %5 %6 %7 %8 %9
    echo(--------------------------------------------
    java CmdLine %*
    echo(--------------------------------------------

where cmdline.exe is obtained from this c code

#include "windows.h"
#include "stdio.h"

void main(int argc, char **argv){
    int i;
    printf("cmdline:[%s]\r\n\r\n",GetCommandLine());
    for(i = 0; i < argc ; i++) printf("arg_%03d:[%s]\r\n",i,argv[i]);
};

and CmdLine.java is

public class CmdLine {
    public static void main (String[] args) {
        int i = 0;
        for (String s: args) {
            System.out.println(String.format("arg_%03d:[%s]",++i,s));
        }
    }
}

Running test.cmd " foo\$ser\"ver\ 1 " the results are

--------------------------------------------
[" foo\$ser\"ver\][1]["][][][][][][]
--------------------------------------------
cmdline:[cmdline.exe  " foo\$ser\"ver\ 1 "      ]

arg_000:[cmdline.exe]
arg_001:[ foo\$ser"ver\ 1 ]
--------------------------------------------
cmdline:[cmdline.exe  " foo\$ser\"ver\ 1 "]

arg_000:[cmdline.exe]
arg_001:[ foo\$ser"ver\ 1 ]
--------------------------------------------
arg_001:[ foo\$ser"ver\ 1 ]
--------------------------------------------
arg_001:[ foo\$ser"ver\ 1 ]
--------------------------------------------