Null Pointer Exception in xDM UI Operations Due to Missing CSRF Token via Azure : Portal

Need

A Null Pointer Exception is in the logs when attempting to create, edit, or import records through the Semarchy xDM UI. This issue impacted standard data management operations and prevented successful execution of user actions.

Investigation revealed that the problem occurred specifically when requests were routed through Azure infrastructure, indicating a potential issue with request headers or security tokens during proxy forwarding.

Error:

Error message: java.lang.NullPointerException: Cannot invoke "String.length()" because "tokenValue" is null

Summarized Solution

Enable forwarding of required headers so that the CSRF token reaches xDM:

• Add the JVM parameter to the xDM deployment:

• -DallowXForwardedHeaders=true

• Restart the xDM application.

• Validate that CSRF tokens are correctly received and UI operations succeed.

Detailed Solution

1. Identify the Root Cause

Semarchy xDM relies on a CSRF (Cross-Site Request Forgery) token for validating UI actions such as create, edit, and import.
Requests routed through Azure (e.g., Application Gateway, Load Balancer, or Reverse Proxy) were not correctly forwarding required headers.
As a result:
- The CSRF token was missing (null) when processed by xDM.
- Internal validation failed, leading to a Null Pointer Exception during execution.

2. Enable Forwarded Headers in xDM

To ensure that headers (including those carrying security tokens) are properly interpreted, configure xDM to accept forwarded headers.

Add the JVM parameter:

-DallowXForwardedHeaders=true

This parameter:

Enables xDM to trust and process X-Forwarded- headers*.
Allows proper reconstruction of the original request context.
Ensures the CSRF token is correctly retrieved and validated.

3. Apply the Configuration

Locate your xDM deployment configuration (e.g., application server startup script, container configuration, or JVM options).
Add the parameter to the JVM arguments section.
- Example (generic):
- JAVA_OPTS="$JAVA_OPTS -DallowXForwardedHeaders=true"
Save the configuration.

4. Restart the Application

Restart the Semarchy xDM service or application server to apply the new JVM setting.

5. Validate the Fix

After restart:

Attempt to:
- Create records
- Edit records
- Import data via UI
Confirm:
- No Null Pointer Exception occurs
- Actions complete successfully
- CSRF validation is functioning as expected

Notes

By enabling allowXForwardedHeaders, xDM can correctly process the forwarded request context, ensuring CSRF tokens are available and preventing runtime exceptions during UI operations.
There's another error that may appear without this parameter which is Cache flushing failed for datalocation.

Portal

Null Pointer Exception in xDM UI Operations Due to Missing CSRF Token via Azure Print

Summarized Solution

Detailed Solution

Notes

By enabling allowXForwardedHeaders, xDM can correctly process the forwarded request context, ensuring CSRF tokens are available and preventing runtime exceptions during UI operations.

There's another error that may appear without this parameter which is Cache flushing failed for datalocation.

Null Pointer Exception in xDM UI Operations Due to Missing CSRF Token via Azure Print

Summarized Solution

Detailed Solution

Notes

By enabling allowXForwardedHeaders, xDM can correctly process the forwarded request context, ensuring CSRF tokens are available and preventing runtime exceptions during UI operations.

There's another error that may appear without this parameter which is Cache flushing failed for datalocation.

Related Articles