Inactive [ADMN/SEC] AuthDB v2.3.6 - Database authentication and protection [1.1-1.4.5]

Discussion in 'Inactive/Unsupported Plugins' started by CraftFire, Mar 13, 2011.

  1. Offline

    CraftFire

    In order to centralize support of our legacy projects, we will no longer be providing support on Bukkit. Please use www.spout.org for support with our projects going forward.
     
  2. Offline

    Wulfspider

    Their chat is supposed to be blocked. It shouldn't be sending at all. If it is, then it's a bug and contex would need to take a look at it. Unregistered guests are the only ones that should be able to chat, but that's only if the option is enabled to let them.
     
  3. Offline

    rustymetal

    Wulf/Contex, could you have a look at.
    http://pastebin.com/3xFQ8TWG

    Players are loggin into my server and freezing/crash. I will wake up for sleeping and check my SSH, the last line from over 10 hours ago will be "player has logged in at world x y z". Check Java CPU and its only 100% not overflowing, still active.

    Deleting the players dat file in world/player/name.dat will allow the player to connect again without crashing.

    I cannot tell you what to do for reproduction. They were however, not in the main world.
    The first player to do this was logging in @ the_end
    the second player to do this was logging in @ nether
    no players have done it in the normal map.

    The players say they were not doing anything special and get too defensive about it to tell you anything.

    >edit
    Code:
    org.bukkit.Location.getBlock(Location.java:82)com.authdb.util.Util.landLocation(Util.java:1444)com.authdb.listeners.AuthDBPlayerListener.onPlayerJoin(AuthDBPlayerListener.java:117)
    
    It must be to do with the worlds. I'm 100% sure these players are not in normal areas, like the 1 guys was building his stuff ontop of the nether. But still seems a big problem as I have had this problem for week or so and this is the first stack trace I have been able to get.
     
  4. Perhaps you misunderstood the question. Its not the last connected player who loses chat, but the one that's on the server in the first place.

    I can trigger this problem and do it on myself, and i'm an in-game Op. I don't want to be forced to relog because someone found a way to block my chat. Perhaps you now understand what's happening? ;-)

    Thanks.

    - ThisUsernameIsMine
     
  5. Offline

    Wulfspider

    I'll test and see. I've never heard of that before. :p
     
  6. Offline

    rustymetal

    http://pastebin.com/1EADnrzb
    Code:
    2012-04-13 15:39:44 [SEVERE] Current Thread: Server thread
    2012-04-13 15:39:44 [SEVERE]    PID: 14 | Alive: true | State: RUNNABLE
    2012-04-13 15:39:44 [SEVERE]    Stack:
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.ChunkProviderServer.getChunkAt(ChunkProviderServer.java:72)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.craftbukkit.CraftWorld.getChunkAt(CraftWorld.java:245)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.craftbukkit.CraftWorld.getBlockAt(CraftWorld.java:209)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.craftbukkit.CraftWorld.getBlockAt(CraftWorld.java:619)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.Location.getBlock(Location.java:82)
    2012-04-13 15:39:44 [SEVERE]       com.authdb.util.Util.landLocation(Util.java:1444)
    2012-04-13 15:39:44 [SEVERE]       com.authdb.listeners.AuthDBPlayerListener.onPlayerJoin(AuthDBPlayerListener.java:117)
    2012-04-13 15:39:44 [SEVERE]        sun.reflect.GeneratedMethodAccessor257.invoke(Unknown Source)
    2012-04-13 15:39:44 [SEVERE]        sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
    2012-04-13 15:39:44 [SEVERE]        java.lang.reflect.Method.invoke(Unknown Source)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
    2012-04-13 15:39:44 [SEVERE]        org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:461)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.ServerConfigurationManager.c(ServerConfigurationManager.java:132)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:129)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:94)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.Packet1Login.handle(SourceFile:68)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.NetworkManager.b(NetworkManager.java:229)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:48)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.NetworkListenThread.a(NetworkListenThread.java:68)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.MinecraftServer.w(MinecraftServer.java:622)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.MinecraftServer.run(MinecraftServer.java:506)
    2012-04-13 15:39:44 [SEVERE]        net.minecraft.server.ThreadServerApplication.run(SourceFile:492)
    
     
  7. Thanks :)

    Another thing: I've disabled sesssions but a moment ago i quickly disconnected and reconnected to my server and could freely roam around (in creative mode) while seeing ''Welcome 'name'! Please enter your password:' , while Freeze was enabled?! (i've set it to 2 seconds)

    It looks like freeze can be bypassed while being in creative mode :S
     
  8. Offline

    Wulfspider

    Thanks, I'll look into it.
     
  9. Offline

    Iskari

    How can I use a double md5 encryption?
    Thanks for this cool Plugin
    Iskari
     
  10. Offline

    Wulfspider

    Why? Why not just use one of the SHA options or whirlpool even?
     
  11. Offline

    Iskari

    I use Php-fusion, and it uses a duble md5 hash due of security. I can't change that.
    Thanks for your reply.
    Iskari

    Sorry for my bad English.
     
  12. Offline

    Wulfspider

    We'd likely just have to add support for that script in general. I'm not sure if that will happen with the current version or with the rewrite though.
     
  13. Offline

    Iskari

    Thanks, that would be nice.
    MfG
    Iskari
     
  14. Is it possible to unregister/delete peoples accounts completely?

    I want to free up one account so that i don't have to increase the maximum possible accounts per ip address (deleting an account is no problem but the used accounts for the ip remains the same).
     
  15. Offline

    Wulfspider

    Not from in-game, and that likely won't come until the AuthDB rewrite. You could always delete the user from what CMS/forum script you are using though, if you are.

    I'm not sure how contex is storing the IP limit, so I'd need to look and see.
     
  16. I skyped him and he linked me to a SQLite database manager. I've solved it using that program :)
     
  17. Hello again,

    I've noticed some other awkwards things about AuthDB:

    If my server crashes for some reason and i restart it, AuthDB remembers who had signed in.
    This seems normal but it happens while sessions are disabled! :confused: ?

    Finally: The screen still occasionally flips out (bounces/shakes) when people join the server.
    Even when having freeze set to a delay of two seconds, the event still occurs.

    (setting bukkit.yml's use-exact-login-location to true didn't change anything)

    Best regards,
    - ThisUsernameIsMine
     
  18. Offline

    Wulfspider

    Both things we need to work on. ;)
     
  19. Offline

    toporek

    Hi,
    My forum script is 'MyBB'
    How to setup this line in config
    Code:
    hashformat: "{PASSWORD}{SALT}{NAME}" 
    if i want use login function ?

    Now server return message
    I connect everything but i can't login ;/
     
  20. Offline

    Wulfspider

    That config option is not usable, and isn't needed for MyBB. Simply setup basic.yml with your MyBB database information.
     
  21. Offline

    siemaeniu500

    What can I do to move the registered account in authme to AuthDB
     
  22. Offline

    Wulfspider

    I don't know exactly how AuthMe stores the information, but I believe last time Contex checked, they were doing something silly beyond normal hashing, so we'd likely have to add a special option just for that.
     
  23. Offline

    Wampe

    Hello,

    I hope it´s not already mentioned. But I am unhappy that sessions only avaible at offline-mode (online-mode = false). Because of "Session Stealing" I would like to use AuthDB. If online-mode=true I get always logged in automaticly even if I logged out last time. Am I doing something wrong or can I get it another way?

    Edit: Is it possible to deactivate the sessions that a player has to use login everytime (after log out or disconnect from server)?

    greetings
    Wampe
     
  24. Offline

    Wulfspider

    Seesions and session options work perfectly fine with online-mode set to false. You are only automatically logged in with sessions set to false if you online-mode is set to true.

    There is no way of anyone stealing your session if you have online-mode set to true. The only way someone could steal your session is if you have online-mode set to false, AND the user is on the same IP address as you.
     
  25. Offline

    vanmc

    How's the development build going is the temp spawn session when login to prevent people from locating each others bases added if so which development build.
    I would like to use it or so :D
     
  26. Offline

    Wulfspider

    Not yet. I'm not sure when that will be added.
     
  27. Offline

    _Robert

    Hey Wulfspider how i can solve this? It's throwing it on start:
    Show Spoiler



    I'm running CB++ and i have the mysql connector on the "lib" folder, also other plugins like Towny, iConomy, Jobs, uHome, PEX are using the database too with no problems at all!

    Any ideas?
     
  28. Offline

    Wulfspider

    You don't need the MySQL connector in your lib folder, as it comes built into CraftBukkit.

    It looks like you've also modified your bukkit.yml file and changed it from using eBeans to MySQL. That will break AuthDB as it requires eBeans for the local cache. I suggest you reset your bukkit.yml to default by deleting it and letting it recreate itself.
     
    _Robert likes this.
  29. Offline

    iKrzysiek

    When "teleport not loggined in players to spawn" will be added? It is important function for Factions-Based servers. I am waiting for "Rules accept" option too, i think that it will be very userfull.
     
  30. Even though the last (real) update i've seen has been some time ago, i found something of which i'm not sure if it's been reported/mentioned before:

    When being in creative mode and not logged in (i left the previous server-session in mid-air), you can repeatedly circumvent/bypass freeze i.e. move further than is normally allowed. This problem also occurs with other auth/login-plugins, such as CrazyLogin.

    I reproduced this by moving (in)to some direction (using either one of the WASD-keys) until you freeze, and then move into a different direction by pressing/holding a different key. Then repeat this procedure from the beginning.

    Thought it was important enough to let you guys'n'galls know ;-)
     
  31. Offline

    Wulfspider

    Thanks for the report, I'll see if we can get a fix in for that. :)

    Not sure, as soon as contex is able to spare some time.
     

Share This Page