Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    CypherX

    Looked through the code and it seems I've forgotten to put in a check for that. For now you can just make it a high number and the next update will include a fix.
     
  3. Offline

    STiChad

    So I know you said this problem was fixed but it's still happening.
    My spawn point is a glass dome, and everytime someone registers they get teleported to the top of the dome.
    I have the latest version and I am running it on #1185.
    It's only problem I'm having, thanks in advance.
     
  4. Offline

    columb

    Passwords could be loged with Big Brother. :mad:
     
  5. Offline

    zenyl

    Just making sure: if a player makes a password, they need to enter it when joining, to be able to do anything? And if the player does not have a password, they can do all the stuff, when joining, without setting up a password?
     
  6. Offline

    CypherX

    Did you use a plugin to set the spawn point? If so, which one?

    BigBrother added a censored commands list that includes xAuth commands that deal with passwords.

    First part: Correct.
    Second part: Only if you have forced registration disabled, otherwise they won't be allowed to do anything until they register.
     
  7. Offline

    STiChad

    AdminCmd
     
  8. Offline

    zenyl

    When / How often do you have to login? When you logout (of the server), or with the command "/logout", or something else? If you dont, when you log out of the server, it would be very handy with such a feature.

    PS. When downloading, and when set to automaticly download the newest version of the lib file, it downloads an old version of the lib file
     
  9. Offline

    tombik

    @CypherX Hi i'm having huge bug! When i log, "get" two clones that still follow me and that are puhing me. Error in console should tell you more:
    xAuth version:2.0
    Beta 4.3.
    CraftBukkit build:1240
    Description of error/bug: up Error log: http://pastebin.com/mkd5ix8b

    ...and also getting this:
    Code:
    2011-10-06 22:02:11 [SEVERE] java.lang.NullPointerException
    2011-10-06 22:02:11 [SEVERE]     at com.cypherx.xauth.xAuth$1.run(xAuth.java:263)
    2011-10-06 22:02:11 [SEVERE]     at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    2011-10-06 22:02:11 [SEVERE]     at java.lang.Thread.run(Thread.java:662)
    2011-10-06 22:02:16 [SEVERE] java.lang.NullPointerException
    2011-10-06 22:02:16 [SEVERE]     at com.cypherx.xauth.xAuth$1.run(xAuth.java:263)
    2011-10-06 22:02:16 [SEVERE]     at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    2011-10-06 22:02:16 [SEVERE]     at java.lang.Thread.run(Thread.java:662)
    2011-10-06 22:02:24 [SEVERE] java.lang.NullPointerException
    2011-10-06 22:02:24 [SEVERE]     at com.cypherx.xauth.xAuth$1.run(xAuth.java:263)
    2011-10-06 22:02:24 [SEVERE]     at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    2011-10-06 22:02:24 [SEVERE]     at java.lang.Thread.run(Thread.java:662)
     
  10. Offline

    CypherX

    @STiChad - I'll test it myself when I get a chance and report back.

    You can set the session length in the configuration file which controls how long a session remains valid. By default it's set to one hour. A session can also be terminated early with the /logout and /xauth logout <player> commands.

    The library file it downloads is the most up to date one needed for xAuth to function properly.

    @tombik - Your sentence explaining the "bug" makes absolutely no sense.
     
  11. Offline

    STiChad

    Thanks mate.
     
  12. Offline

    zenyl

    Could you add a boolean in the config files: True, logout when disconnecting - False, logout if session ends or if "/logout" is used? :)
     
  13. Offline

    CypherX

    Just set session length to zero.
     
  14. Offline

    zenyl

    Thanks a bunch for the support, and thanks for the great plugin! :D
     
  15. Offline

    Grifhell

    If you forgot your password, it will be sent by e-mail ...
    Is it possible?
     
  16. Offline

    iama

    Good afternoon.
    Our server was hovering minecraft recently, when we take thread dump, and that's what we have.

    Code:
    Thread 15080 "Thread-121761": (state = BLOCKED)
    
    at sun.misc.Unsafe.park(Native Method)
    
    at java.util.concurrent.locks.LockSupport.park(LockSupport.java:156)
    
    at java.util.concurrent.locks.AbstractQueuedSynchronizer.parkAndCheckInterrupt(AbstractQueuedSynchronizer.java:811)
    
    at java.util.concurrent.locks.AbstractQueuedSynchronizer.acquireQueued(AbstractQueuedSynchronizer.java:842)
    
    at java.util.concurrent.locks.AbstractQueuedSynchronizer.acquire(AbstractQueuedSynchronizer.java:1178)
    
    at java.util.concurrent.locks.ReentrantLock$NonfairSync.lock(ReentrantLock.java:186)
    
    at java.util.concurrent.locks.ReentrantLock.lock(ReentrantLock.java:262)
    
    at org.bukkit.craftbukkit.scheduler.CraftScheduler.cancelTask(CraftScheduler.java:256)
    
    at com.cypherx.xauth.xAuth.removeGuest(xAuth.java:279)
    
    at com.cypherx.xauth.listeners.xAuthPlayerListener.onPlayerQuit(xAuthPlayerListener.java:100)
    
    at org.bukkit.plugin.java.JavaPluginLoader$2.execute(JavaPluginLoader.java:251)
    
    at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:58)
    
    at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:338)
    
    - locked <0x00000006001e33e8> (a org.bukkit.plugin.SimplePluginManager)
    
    at net.minecraft.server.ServerConfigurationManager.disconnect(ServerConfigurationManager.java:154)
    
    at net.minecraft.server.NetServerHandler.disconnect(NetServerHandler.java:127)
    
    at org.getspout.spout.SpoutNetServerHandler.disconnect(SpoutNetServerHandler.java:507)
    
    at org.bukkit.craftbukkit.entity.CraftPlayer.kickPlayer(CraftPlayer.java:157)
    
    at com.cypherx.xauth.xAuth$1.run(xAuth.java:263)
    
    at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    
    at java.lang.Thread.run(Thread.java:662)
    ...
    Code:
    Thread 25803 "Server thread": (state = BLOCKED)
            at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:333)
            - waiting to lock <0x00000006001e33e8> (a org.bukkit.plugin.SimplePluginManager)
            at org.getspout.spout.ServerTickTask.run(ServerTickTask.java:44)
            at org.bukkit.craftbukkit.scheduler.CraftScheduler.mainThreadHeartbeat(CraftScheduler.java:137)
            at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:439)
            at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
            at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    
    Based on the withdrawal of the thread's stack "Thread-121 761" seems to us that our problem lies precisely in the roots of your expansion. Could you fix this bug, if it is a bug, or tell us on what we're doing wrong.
     
  17. Offline

    PinguinAman

    Hi,
    whenever a not-logged-in player connects to my server, then disconnects without logging in, then connects again and logs in, his complete Inventory is gone.
    xAuth version:v2.0b4.3
    CraftBukkit build:RB 1240
    Errors: None. รด.o
    Other information:
    Config: http://pastebin.com/BECFYrn5
    Installed Plugins: http://pastebin.com/WNEpKYqH
    Tried it without MultiInv, since that Plugin also does stuff to the Inventory, but the bug was still there.

    Dunno what else I could tell. I hope you can think of a solution. :/
     
  18. Offline

    Ticksy

    How can I convert a database from H2 to MySQL?
     
  19. Offline

    iama

  20. Offline

    Kidi

    Ehhhm, dude, forced= false, yet everyone have to register. with or without the xauth.register perm.
     
  21. Offline

    question42rus

    I sow long find reason for some players kicks by server on connect with reason "Internal Server Error": disable some plugins, try other snapshot and stable versions of bukkit. But today I delete all plugins except xAuth, and this error again occured(on crafbukkit 1185, 1240, 1303). When I disable xAuth I have no more this error.

    Code:
    2011-10-09 11:12:41 [WARNING] Failed to handle packet: java.lang.NullPointerException
    java.lang.NullPointerException
        at org.bukkit.craftbukkit.entity.CraftPlayer.teleport(CraftPlayer.java:314)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:192)
        at net.minecraft.server.Packet10Flying.a(SourceFile:126)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:226)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:92)
        at net.minecraft.server.NetworkListenThread.a(SourceFile:108)
        at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:471)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    Try this
    http://www.razorsql.com/download_win.html

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Jul 17, 2016
  22. Offline

    Subrosa20

    i updated to the newest version of xauth and bukkit. Now this error occurs:
    Code:
    2011-10-09 10:25:36 [INFO] [xAuth] 'Permissions' v3.1.6 support enabled!
    2011-10-09 10:25:36 [INFO] [xAuth] Connection to database established!
    2011-10-09 10:25:36 [INFO] [xAuth] Updating database..
    2011-10-09 10:25:36 [SEVERE] [xAuth] SQL query failure [write] (ALTER TABLE `strikes` DROP COLUMN IF EXISTS `host`)
    org.h2.jdbc.JdbcSQLException: Column "IF" not found; SQL statement:
    ALTER TABLE `strikes` DROP COLUMN IF EXISTS `host` [42122-153]
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:327)
        at org.h2.message.DbException.get(DbException.java:167)
        at org.h2.message.DbException.get(DbException.java:144)
        at org.h2.table.Table.getColumn(Table.java:587)
        at org.h2.command.Parser.parseAlterTable(Parser.java:4699)
        at org.h2.command.Parser.parseAlter(Parser.java:4162)
        at org.h2.command.Parser.parsePrepared(Parser.java:302)
        at org.h2.command.Parser.parse(Parser.java:275)
        at org.h2.command.Parser.parse(Parser.java:247)
        at org.h2.command.Parser.prepare(Parser.java:201)
        at org.h2.command.Parser.prepareCommand(Parser.java:214)
        at org.h2.engine.Session.prepareLocal(Session.java:426)
        at org.h2.engine.Session.prepareCommand(Session.java:374)
        at org.h2.jdbc.JdbcConnection.prepareCommand(JdbcConnection.java:1100)
        at org.h2.jdbc.JdbcPreparedStatement.<init>(JdbcPreparedStatement.java:71)
        at org.h2.jdbc.JdbcConnection.prepareStatement(JdbcConnection.java:243)
        at com.cypherx.xauth.database.Database.queryWrite(Database.java:85)
        at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:61)
        at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:39)
        at com.cypherx.xauth.xAuth.onEnable(xAuth.java:101)
        at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:126)
        at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:941)
        at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:280)
        at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:174)
        at org.bukkit.craftbukkit.CraftServer.enablePlugins(CraftServer.java:157)
        at net.minecraft.server.MinecraftServer.e(MinecraftServer.java:297)
        at net.minecraft.server.MinecraftServer.a(MinecraftServer.java:284)
        at net.minecraft.server.MinecraftServer.init(MinecraftServer.java:152)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:348)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    2011-10-09 10:25:36 [SEVERE] [xAuth] Database update (3 -> 4) failed!
    2011-10-09 10:25:36 [INFO] [xAuth] v2.0b4.3 Disabled!
     

    Attached Files:

  23. Offline

    iama

    xAuth version: 2.0b4.3
    CraftBukkit build: 1185
    Description of error/bug: server freeze when all of players logout at night. server.log have many: 2011-09-30 09:48:18 [INFO] Read timed out
    Error log: server.log http://pastebin.com/vMjRFJ56 , interesting thread dump with debuger visualvm http://pastebin.com/pB1tcGn6
    Other information: this bug happens every day, at night or morning
     
  24. Offline

    CypherX

    Not at the moment.

    I did a bit of testing to see if I could reproduce what you described, but unfortunately I couldn't. The only advice I have is to disable any other plugins that interface with the inventory one-by-one and see if any of them could be causing it.

    Search the thread, it's been posted numerous times.

    Works fine for me. If you have the '*' Permission node make sure you omit 'xauth.register'.

    That error message includes nothing about xAuth, so if it is indeed causing the error, there's nothing I can do.

    @iama - Posting THREE times is not going to get me to respond any faster. Just for that, you're getting ignored.
     
  25. Offline

    XtenD

    xAuth version:v2.0b4.3
    CraftBukkit build:RB 1303
    reverse-enforce-single-session: true
    Does not work properly , or i do something wrong?
    i also get a "Connected from another location" message
     
  26. Offline

    Grifhell

    help. There are three servers. I want to be that the player canteleport from the first second, with plugin sitizens. I want a playerthat would not require a password again.
     
  27. Offline

    STiChad

    Not trying to hound you or anything but problem still persists and I would like to know how testing is coming along to find out what the problem is. Just in case you forgot I'm having the following problem with Admincmd:

    Show Spoiler
     
  28. Offline

    jespertheend

    When somone log's in. I can see the IP of that person in my console. Can you add the option in the config that. People don't need to give their password. Unless they're on some other ip? Or isn't that possible.
     
  29. Offline

    Ticksy

    I opened the database, but there is only "INFORMATION_SCHEMA", containing service data. What did I do wrong?

    I used the web interface h2.jar and RazorSQL.
     
  30. Would be nice If only cracked users should log in.
    We should put online-mode= true then,
    Users should connect to Minecraft.net, so if Minecraft.net is online, no log in needed.
    If a player is using cracked client, he dont connect to Minecraft.net so your plugin ask a password.
     
  31. Offline

    Subrosa20

    I wanted to update xAuth, so i deletet all the files except the .db files, because i wanted to keep my database! My db is stored in h2, so i put "h2" into the config. Not SQL. Now I'm getting this Error. What to do now? :/ Thank you.

    Code:
    2011-10-09 17:00:24 [INFO] [xAuth] 'Permissions' v3.1.6 support enabled!
    2011-10-09 17:00:24 [INFO] [xAuth] Connection to database established!
    2011-10-09 17:00:24 [INFO] [xAuth] Updating database..
    2011-10-09 17:00:24 [SEVERE] [xAuth] SQL query failure [write] (ALTER TABLE `strikes` DROP COLUMN IF EXISTS `host`)
    org.h2.jdbc.JdbcSQLException: Column "IF" not found; SQL statement:
    ALTER TABLE `strikes` DROP COLUMN IF EXISTS `host` [42122-153]
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:327)
        at org.h2.message.DbException.get(DbException.java:167)
        at org.h2.message.DbException.get(DbException.java:144)
        at org.h2.table.Table.getColumn(Table.java:587)
        at org.h2.command.Parser.parseAlterTable(Parser.java:4699)
        at org.h2.command.Parser.parseAlter(Parser.java:4162)
        at org.h2.command.Parser.parsePrepared(Parser.java:302)
        at org.h2.command.Parser.parse(Parser.java:275)
        at org.h2.command.Parser.parse(Parser.java:247)
        at org.h2.command.Parser.prepare(Parser.java:201)
        at org.h2.command.Parser.prepareCommand(Parser.java:214)
        at org.h2.engine.Session.prepareLocal(Session.java:426)
        at org.h2.engine.Session.prepareCommand(Session.java:374)
        at org.h2.jdbc.JdbcConnection.prepareCommand(JdbcConnection.java:1100)
        at org.h2.jdbc.JdbcPreparedStatement.<init>(JdbcPreparedStatement.java:71)
        at org.h2.jdbc.JdbcConnection.prepareStatement(JdbcConnection.java:243)
        at com.cypherx.xauth.database.Database.queryWrite(Database.java:85)
        at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:61)
        at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:39)
        at com.cypherx.xauth.xAuth.onEnable(xAuth.java:101)
        at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:126)
        at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:941)
        at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:280)
        at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:174)
        at org.bukkit.craftbukkit.CraftServer.enablePlugins(CraftServer.java:157)
        at net.minecraft.server.MinecraftServer.e(MinecraftServer.java:297)
        at net.minecraft.server.MinecraftServer.a(MinecraftServer.java:284)
        at net.minecraft.server.MinecraftServer.init(MinecraftServer.java:152)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:348)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    2011-10-09 17:00:24 [SEVERE] [xAuth] Database update (3 -> 4) failed!
    2011-10-09 17:00:24 [INFO] [xAuth] v2.0b4.3 Disabled!
    Oh. And here are my plugins. I'm running bukkit 1240.

    Unbenannt.JPG

    Right now, the "xAuth" in this list is written in red. This was before i tried to update!
     
Thread Status:
Not open for further replies.

Share This Page