The current implementation of the loading the external password by a command uses Runtime.exec() which denies to pass a parameter which contains a white-space to the command, see {EXT} in org.jboss.security.Util#loadPassword(String).
It would be nice to provide a new implementation based on ProcessBuilder.

For example, various ssh-askpass implementations requires a parameter like 'Enter passphrase for ...'. Without the ability to directly pass such a parameter customers are pushed to create a "script in the middle" which makes their application unnecessarily complicated.