Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline


    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page:

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel ( #LoveDespite) or toss me a message at Until we meet again, stay gold. Bang.


    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.

    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
  2. Offline



    What version of xAuth are you using? A fix for that was implemented a couple updates back and was confirmed working by multiple people.

    Run h2.jar and it'll bring up the web interface. From there you can log in using 'sa' as the username and leaving the password blank. Now just double click the accounts table and run the query that appears in the box.

    The 'accounts' table is missing from your database, as the error clearly states.

    @xBlueXFoxx - The 'strikes' table is missing from your database, as the error clearly states.
  3. Offline


    Can you tell me how to fix it?
  4. Offline


    xAuth doesnt work anymore.
    It used to work before, but I changed maps and now it doesnt make anyone log in or register.
    Then i reinstalled it and it still doesnt make anyone register or login.

    I tried typing in /xauth reload but it just gives me a list of commands!
  5. Offline


    Are you using BigBrother or something that logs commands?
  6. Offline


    So... I use AuthDB to connect my Minecraft server with MyBB forums. How can I connect MyBB with xAuth?
  7. Offline


    I do.
    bLog and HawkEye
  8. Offline


    xAuth version: V2.0 (Beta 4.1)
    CraftBukkit build: #1123
    Description of error/bug: Players do not return to their location after logging out.
    Error log: -
    Other information: Using MySQl, everything in there is setup correctly. It could be from the new spawning in 1.8. Not sure if your going to work on that but I greatly need it. ;3

    EDIT: Updated to 1.8.1 CraftBukkit (#1123)
  9. Offline


    yeah would be great to get this working for bukkit 1.8 (build-1124). Only reason i havent moved my server yet.
  10. Offline


    All my plugins work apart from this one :(
  11. Offline


  12. Offline


    The old 1.2.5 (I think) seems to work fine on #1124 for me. Never used the beta...
  13. Offline


    Look into the auth_URL option in the xAuth configuration, you just need to write a PHP script for your MyBB forums for xAuth to use, here is an example script that works with SMF 2:

    Make sure you have them configured to never log /l or /login commands, that could be how people got your password.
  14. Offline


    It does not log. I made sure it wont. Thanks for trying though
  15. Offline


    hey where can i find that version at? Its the only thing keeping me from running bukkit 1.8.
  16. Offline


    Gibstick likes this.
  17. Offline


    If someone can help me a bit I will be really happy :)

    That's simple, I want to use my smf database to use xAuth

    My problem is I don't know exactly by what way doing that ?

    I created a file into my forum like this one
    and I set it into the config file, but don't work

        # How should xAuth store data (Accounts, sessions, etc.)?
        # Possible values: h2, mysql
        datasource: mysql
        # If set to true, xAuth will disable itself if the server is in online-mode
        auto-disable: true
        # If set to true, all required library files will be automatically downloaded
        download-libraries: true
        # When set to true, if a player connects with the same name as someone who is
        # already online, the player connecting will be kicked instead of the online player
        reverse-enforce-single-session: true
        # Send user/pass data to authURL for authentication instead of the database
        # This option disables registration and password changes
        enabled: true
        # The URL to send user/pass data to, look at the example auth.php for an
        # example that works with SMF forums.
        url: http://myforumurl/smf_auth.php
    I must use a custom form create by myself ? If yes someone can show me how to do that ?
  18. Offline

    The Wizard

    Can you add playername to sessions table?

    Edit: Don't need this anymore. I've joined 3 tables instead of 2.
  19. Offline


    Will topic author update version? (1.8.1 for bukkit)

    // Works with #1149

    But one bug with 1149.. I log into and spawning back to that where i disconnected. Next time i log again then spawning at spawnpoint.. Must be that where i was disconnected..
  20. Offline


  21. Offline


    UP! Please fix one bug. Thanks! (Update too with #1149)

    I sumbit the bug report template:

    xAuth version: xAuth v2.0 (Beta 4.1)
    CraftBukkit build: #1149
    Description of error/bug: Spawn
    Error log: Nothing error
    Other information: I connect server and logging, then spawning at my house. And reconnecting again then after logging i spawn at spawnpoint.
  22. Offline


    PHP scripting for forum CMS? No, sorry.
  23. Offline


    Hi all.. sorry for my english.. Bukkit #1149

    There is another BIG problem..

    I'm OP, and i change my gamemode from 0 to 1.

    If anyone log-in with my Name without use /login <password> and he is in Gamemode 1.
    Inventory protection hide my inventory, BUT creativemode inventory can't be hidden...
    He can drop all materials without problem :S:S:S:S:S.

    Need to fix it
  24. Offline


    Does this affect Non-Oped Players? Because if it does, time to mod it >.<
  25. Offline


    Same bugs with #1123 and #1149. Will topic author fix it? I need it really to fixed it.
  26. Offline


    What /plugins do you have. I had a problem like this before.
  27. Offline


    Dynamic Effect Whitelist
    Minecraft Viewer
  28. Offline


    22.09 18:21:26 [Server] INFO at
    22.09 18:21:26 [Server] INFO at
    22.09 18:21:26 [Server] INFO at net.minecraft.server.MinecraftServer.h(
    22.09 18:21:26 [Server] INFO at net.minecraft.server.NetworkListenThread.a(SourceFile:108)
    22.09 18:21:26 [Server] INFO at org.getspout.spout.SpoutNetServerHandler.a(
    22.09 18:21:26 [Server] INFO at net.minecraft.server.NetServerHandler.a(
    22.09 18:21:26 [Server] INFO at net.minecraft.server.NetworkManager.b(
    22.09 18:21:26 [Server] INFO at net.minecraft.server.Packet3Chat.a(
    22.09 18:21:26 [Server] INFO at net.minecraft.server.NetServerHandler.a(
    22.09 18:21:26 [Server] INFO at
    22.09 18:21:26 [Server] INFO at net.minecraft.server.NetServerHandler.handleCommand(
    22.09 18:21:26 [Server] INFO at org.bukkit.craftbukkit.CraftServer.dispatchCommand(
    22.09 18:21:26 [Server] INFO at org.bukkit.command.SimpleCommandMap.dispatch(
    22.09 18:21:26 [Server] INFO at org.bukkit.command.PluginCommand.execute(
    22.09 18:21:26 [Server] INFO at com.cypherx.xauth.commands.LoginCommand.onCommand(
    22.09 18:21:26 [Server] INFO at com.cypherx.xauth.xAuth.login(
    22.09 18:21:26 [Server] INFO at com.cypherx.xauth.database.DbUtil.deleteStrikes(
    22.09 18:21:26 [Server] INFO at com.cypherx.xauth.database.Database.queryWrite(
    22.09 18:21:26 [Server] INFO at org.h2.jdbc.JdbcConnection.prepareStatement(
    22.09 18:21:26 [Server] INFO at org.h2.jdbc.JdbcPreparedStatement.<init>(
    22.09 18:21:26 [Server] INFO at org.h2.jdbc.JdbcConnection.prepareCommand(
    22.09 18:21:26 [Server] INFO at org.h2.engine.Session.prepareCommand(
    22.09 18:21:26 [Server] INFO at org.h2.engine.Session.prepareLocal(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.prepareCommand(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.parse(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.parse(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.parsePrepared(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.parseDelete(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.readSimpleTableFilter(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.readTableOrView(
    22.09 18:21:26 [Server] INFO at org.h2.command.Parser.readTableOrView(
    22.09 18:21:26 [Server] INFO at org.h2.message.DbException.get(
    22.09 18:21:26 [Server] INFO at org.h2.message.DbException.get(
    22.09 18:21:26 [Server] INFO at org.h2.message.DbException.getJdbcSQLException(
    22.09 18:21:26 [Server] INFO DELETE FROM `strikes` WHERE `strikeip` = ? AND `playername` = ? [42102-157]
    22.09 18:21:26 [Server] INFO org.h2.jdbc.JdbcSQLException: Table "STRIKES" not found; SQL statement:
    22.09 18:21:26 [Server] SEVERE [xAuth] SQL query failure [write] (DELETE FROM `strikes` WHERE `strikeip` = ? AND `playername` = ?)
    Can anyone help me with this error, xauth still works fine however it keeps spamming my console everytime someone logs in.

  29. Offline


    Same with 1185

    Problems brand new since the 1.8 update. I know this plugin isnt updated for the latest rb yet.So just notifying. Hopefully it will save some1 time.

    PS: it works fine, just doesnt always return players to the spot they logged out.
  30. Offline


    I don't understand this reply, are you saying you can't write a PHP script for your forum? It doesn't have to be PHP, it can be ANY scripting language you choose. What exactly are you saying?
  31. Offline


    I just say, that I don't think that understanding about forum engine (and writing a PHP script after this) is a good idea just for making xAuth work with my conditions. I will stick to AuthDB, though it is less stable.
Thread Status:
Not open for further replies.

Share This Page