Executing Scripts on UserID Change

Novell Cool Solutions: Tip
By Johan Akerstrom

Digg This - Slashdot This

Posted: 29 Nov 2006


A Forum reader recently asked:

"I want to execute an script on a local or remote server, once a userID has been provisioned or deprovisioned or some other event occurs."

And here's a solution from Johan Akerstrom ...


There are two options you can try:

1) Execute some java code that will launch an external process from a stylesheet or a policy. This option is not really recommended, because you don't have any control over threading and the external application environment.

2a) Execute some java code that will create an external file, either empty or with some text in it to be processed by a cron job.
2b) Set up a cron job to monitor files in a folder awaiting the file drop from 2a. Act when files are found and the delete the dropped file.

Option 2 is more work but gives you better control. Below I've added two different Java classes to perform either option 1 or 2.

import java.io.File;
import java.io.FileWriter;
import java.io.BufferedWriter;

public class CosmosKeyCreateFile{

    public static boolean CreateFile(String filename) throws Exception {
    	return CreateFile(filename, null);
    public static boolean CreateFile(String filename, String text) throws 
Exception {
         boolean success = false;
	 try {
	        File file = new File(filename);
	        success = file.createNewFile();
	        if (text != null){
		   BufferedWriter out = new BufferedWriter(new FileWriter(file));
         } catch (java.io.IOException e) {
         return success;
    public static void main(String[] args) throws Exception {
        if (args.length > 0){
	    String text = null;
	    if (args.length > 1){
	    	text = args[1];
            if (CreateFile(args[0],text)){
               System.out.println("File " + args[0] + " was created.");
            } else {
               System.out.println("File " + args[0] + " was NOT created.");
        } else {
            System.out.println("Usage: CosmosKeyCreateFile  <filename> [<text>]");
            System.out.println("Example: CosmosKeyCreateFile  myfile.pid");
            System.out.println("Example: CosmosKeyCreateFile  myfile.pid 
            System.out.println("Example: CosmosKeyCreateFile  myfile.job 
\"cp file1 file2\"");
import java.io.*;

public class CosmosKeyExecuteExternalApp{

    public static String execute(String command) throws Exception {
		String ret = "";
			Process process = Runtime.getRuntime().exec(command);
			BufferedReader input = new BufferedReader(new InputStreamReader(process.getInputStream()));
			InputStreamReader iar = new InputStreamReader(process.getInputStream());
			StringBuffer sb = new StringBuffer();
			String line = "";
			while ((line = input.readLine()) != null)
			ret = sb.toString();
		catch (Exception err)
			ret = err.toString();
		return ret;

    public static void main(String[] args) throws Exception {
        if (args.length > 0){
			System.out.println("External App Returned:");
			System.out.println("Usage: CosmosKeyExecuteExternalApp  <command>");
			System.out.println("Example: CosmosKeyExecuteExternalApp \"C:\\WINDOWS\\NOTEPAD.EXE\"");
			System.out.println("Example: CosmosKeyExecuteExternalApp \"/usr/bin/cp 
file1 file2\"");
			System.out.println("Example: CosmosKeyExecuteExternalApp \"\\\"C:\\Program 
Files\\utils\\whoami.exe\\\" --version\"");


1. Save the code with the filenames as stated above.

2. Compile the code as follows:

    javac -cp . CosmosKeyCreateFile.java 
    javac -cp . CosmosKeyExecuteExternalApp.java

This produces two .class files.

3. Zip the .class files.

4. Name the zip file "CosmosKeyUtils.jar".

5. Drop the jar file in the same folder as all the other dirxml jar file such as the dirxml.jar file.

6. This policy should create a file called /home/shared/idmdrop/test with the contents of "Hello".

  <?xml version="1.0" encoding="UTF-8"?> <policy xmlns:jCosmosKeyCreateFile 
="http://www.novell.com/nxsl/java/CosmosKeyCreateFile"> <rule> <actions>
  <do-set-local-variable name="hash"> <arg-string> <token-xpath expression="jCosmosKeyCreateFile:CreateFile('/home/shared/idmdrop/test','Hello')"/> 

  </arg-string></do-set-local-variable> </actions> </rule> </policy>

7. This policy should execute an external application called /usr/bin/whoami. The method call will not return until the external app terminates.

  <?xml version="1.0" encoding="UTF-8"?> <policy xmlns:jCosmosKeyExecuteExternalApp="http://www.novell.com/nxsl/java/CosmosKeyExecuteExternalApp"><rule>
  <actions><do-set-local-variable name="hash"> <arg-string>
  <token-xpath expression="jCosmosKeyExecuteExternalApp:execute('/usr/bin/whoami')"/> 

  </arg-string></do-set-local-variable> </actions> </rule> </policy>

Novell Cool Solutions (corporate web communities) are produced by WebWise Solutions. www.webwiseone.com

© Micro Focus