Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    TheDaddyPeanut

    @CypherX Can you please change the /toggle command? Like to /xauth toggle or something, would realy appreciate that!
     
  3. Offline

    odielag

    When minecraft.net was down I tried using this plugin and wasn't able to get it to work...

    People would get messages about a player already being logged in... and if they finally got into the game, the user name already had a password when they tried to register. I gave myself a password in the console and tried to login, but still got kicked... everyone got kicked randomly...

    So, If minecraft.net goes down again... I'm wondering how I can get this working so that players can still play.
     

    Attached Files:

  4. Offline

    Xerothz

    kay i know this is probably a stupid question.. but how exactly do i use this? i dont exactly have a database or anything, just other mods tat dont req them. other then putting the jar file into the plugin folder. is there anything else im missing? cuz if tats the only thing i needa do and reload the server, its not happening. i can go online but it doesnt prompt me to type /register.. it just allows me to use all commands or destroy blocks whether im op-ed or not.. help please.

    i have the same problem. except i doubt its actually work properly cause i've seen this vid " " not in english and he did it the same way as all of us i think, and it worked for him. and yes i need help too..

    kay i know this is my third post. but does this conflict with iChat? i removed it and it kinda works, i still can move around if i go on, until i actually do /logout. but if i reconnect, it doesn't require me to log in or register. and once i put back my iChat mod, it doesnt allow me to use and of the commands for xAuth..

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 12, 2016
  5. Offline

    CypherX

    No. I'm not changing something that was working fine until Citizens decided to change it. Go whine in that thread.

    Try reading the thread, it's probably been answered on every page. Hint: xauth.exclude

    xAuth v2 will be a lot more efficient when it's released.

    Did they all happen to have the name 'Player'?
     
  6. Offline

    Xerothz

    thanks CypherX for the tip, it managed to help me fix the problem of non op-ed players not needing to register. however, even after using that permission you said, op-ed players/server moderators still can move around without registering..

    Edit : Nevermind. i read from someone's post that for those using permissions should remove the '*' for it to work properly. and thats what i did and now it works :) thanks CypherX :D
     
  7. Offline

    CypherX

    You don't need to necessarily remove '*', you just need to add '-xauth.exclude' to any groups/players with '*'. (Note the hyphen, that tells Permissions to exclude it from '*'.
     
  8. Offline

    CypherX

    Get the hell out of my thread. I don't have the time nor do I want to deal with immature little kids who throw a temper tantrum as soon as they don't get what they want. I refuse to change the command simply because it was Citizens, not xAuth, that caused the conflict by adding their own toggle command.

    You should simply appreciate the fact that I released this plugin to the public in the first place and continue to update and support it. This isn't my job and I'm not gaining anything from doing this. Get over yourself and never post in my thread again.
     
  9. Offline

    RME

    Translated Strings to Spanish (Spain) [ES]

    When I replace the file, the plugin do not work properly (Can be the ñÑ?)

    Try to fix it and add it to the plugin.
    <Edit by Moderator: Redacted mediafire url>

    Raul Martinez (RME)
     
    Last edited by a moderator: Dec 14, 2016
  10. Offline

    CypherX

    Paste/screenshot and post the error message that appears in the console.
     
    Last edited by a moderator: Dec 14, 2016
  11. Offline

    RME

    I cannot acces to my pc right now but you can test it (maybe in core.yml the lang code is not ES (esp maybe?))
    Also you can test by yourself
     
  12. Offline

    MeatBat

    CypherX, can you add option into config kick or not first player from server if second one with the same name will be connected?
     
  13. Offline

    CypherX

    Will be included in xAuth 2.
     
  14. Offline

    moonjokes

    @CypherX This is found directly on the wiki for citizens. You should put this is your main thread so people stop asking.

    The /toggle command doesn't work
    It's most probably conflicting with another plugin, such as xAuth. Try /t, /tog or /togg instead
     
  15. Offline

    Nzer0

    Can you include MD5 hash for pass?
    sry for my bad english
     
  16. Offline

    CypherX

  17. Offline

    Luwiego

    Well i always have used the authme plugin but now its dead... Is there a way to transffer accounts from their plugin to this one ?
     
  18. Offline

    Fujikatoma

    If i make /reload all users lose her Inventory :(
     
  19. Offline

    CypherX

    If you use AuthMe's flatfile datasource then you can just rename the file from auths.db to auths.txt and it'll work.

    Version 2.0 (Beta 1) is now available! Please read the first post, it has been completely rewritten and remember to read the upgrading guide: https://github.com/CypherX/xAuth/wiki/Install-\-Upgrade

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 12, 2016
  20. Offline

    flozza83

    Hi
    Getting a bug with 2.0 beta1
    bukkit 860

    So downgraded..
     
  21. Offline

    Phinary

    Alright. Using beta 1, im working on my php code to make it all work together. I have 1 thing.
    First, when I set active to 1, it still says that the account isnt active. I dont know if this is from not checking mysql database because it saves it in the cache and only checks the database every certain amount of time, or if active needs to be a different value.

    After restarting the server, it didnt say its not active anymore so im guessing its a cache issue.

    Im having another issue though. Im using the php function that you included in the wiki to generate the password, but it seems to not be working. It generates the long encrypted password, but when I login it says incorrect password. Let me do more testing as it may be my php

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 12, 2016
  22. Offline

    CypherX

    Whoops, casting the wrong variable there. Will be fixed in the next update.

    Setting active to 1 is correct and you're completely right about it not being updated because of the cache. I totally overlooked that. I'll see what I can do (probably just query the database to check it).
     
  23. Offline

    Phinary

    Update: Nevermind that. Got the password stuff working. Now my problem is no matter if active = 0 or active = 1 it still says account isnt active. Even if i restart the server
     
  24. Offline

    Fujikatoma

    :/
     
  25. Offline

    Luwiego

    Im using DB and i did what you said, it didnt work :(
     
  26. Offline

    flozza83

    Ok cypher! I will wait for the next release so ^_^
     
  27. Offline

    Donny

    CB: 866
    Xauth v: 2.0b1
    It spams alot. I also believe its creating a bit of lag?
    Idea ETA on next update. should I revert to old version or stick with beta for now?
    Code:
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:52 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:52 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:52 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:53 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:53 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
    2011-06-20 14:27:53 [SEVERE] Could not pass event ENTITY_DAMAGE to xAuth
    java.lang.ClassCastException: org.bukkit.craftbukkit.entity.CraftSpider cannot be cast t
    o org.bukkit.entity.Player
     
  28. Offline

    TH3steven

    Is it possible to add something that bind an OP account to an IP, so if anyone tries to log in with that account from another location, they automatically get kicked/ipbanned. (Also, you should be able to add more ip's in the config)

    btw, very awesome plugin ^^
     
  29. Offline

    CypherX

    Then you're doing something wrong. It specifically restores a players inventory and location during the disable phase so it is not lost.

    Send me your .db file in a PM.

    Beta 2 will be out in a couple of hours that fixes all known bugs.

    I believe a plugin that specifically does that exists. I think it's called IPLock? Not sure.

    Updated to version 2.0 Beta 2.
    • Fixed ENTITY_DAMAGE ClassCastException reported in this post
    • Account activation fixed for servers using web registration
    • Error when a MySQL DATETIME field is 0000-00-00 00:00:00 fixed
    • Resetting of active status to 0 upon logging in fixed

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: May 12, 2016
  30. Offline

    Phinary

    Will be testing either tonight or tomorrow afternoon on my actual server,
     
  31. Offline

    flozza83

    Ok will test too this night :)
     
Thread Status:
Not open for further replies.

Share This Page