Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    CypherX

     
  3. Offline

    kamushadenes

    Hey there! Could you please add the property specified in the error? After a 2 day "blackout" on my uplink, I received it.

    Caused by: com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: The last packet successfully received from the server was 41.124.751 milliseconds ago. The last packet sent successfully to the server was 41.124.751 milliseconds ago. is longer than the server configured value of 'wait_timeout'. You should consider either expiring and/or testing connection validity before use in your application, increasing the server configured values for client timeouts, or using the Connector/J connection property 'autoReconnect=true' to avoid this problem.
     
  4. Offline

    robot56

    Could you add a feature that lets a specific group to have multiple accounts, and (i'm not sure if this is already implemented)allow a player to login from a different location but only allow them to register 1 account per ip?
     
  5. Offline

    MeatBat

    I have spawn room 6 blocks height. When new player joins and moves mouse, he teleports on top of room and then server kicks him for floating too long.
     
  6. Offline

    columb

    I'am fucking dumbass, sorry :'(
    It's RangeBans problem, not xAuth, I'm really sorry for being stupid asshole.
     
  7. Offline

    Joe777

    Go to config file and fix it there
     
  8. Offline

    IsaiahRobichaud

    Do I have to use MySql
     
  9. Offline

    Hydrosis


     
  10. Offline

    EnZiGuRi

    protect-location:true config not working? players logging in to other accounts and if he log-in/log-out 2 or 3 times the account lose all items in inventory...​

    im using the version 2.0b4.3​

    Thanks anyway​
     
  11. Offline

    Hydrosis

    That's why 2.0.2 is out. lol
    Upgrade=bug fix.
     
  12. Offline

    CypherX

    Version 2.0.3 is now available!

    Changelog:
    • Fixed: Players being kicked for flying when not-logged in as a result of constant teleportation into the air.
    • Player potion effects are now properly stored, cleared, and restored.
    • Thrown potions can no longer affect non-logged in players.
    • Reload command re-added (/xauth reload)
    • Fixed database connections not being returned to the connection pool during certain scenarios.
     
  13. Offline

    EnZiGuRi

    humm the inventory thing fixed too?
     
  14. Offline

    Hydrosis

    Yep. Plugin is working perfectly for me (aside from heavy resource usage, since my server is 65 slots with at least 50-55+ at any given moment)
     
  15. Offline

    CypherX

    Hopefully some of that resource usage will go down when I implement a few of the optimization ideas I have.
     
  16. Offline

    colgatiN

    CypherX, when I am online on the server, and someone tries to enter in my account, I'm kicked and he can enter the login screen. Is to change that to a player is already online, other than trying to get a log message that the nick is already being used?
     
  17. Offline

    Hydrosis

    That feature caused a bug where others can hack players (commonly admins). That's why he had to remove that feature.
     
  18. Offline

    sharkale

    80% of the people of this post does not have the ability to manage a server.
    I lol at page 70 :p
     
  19. Offline

    EX3MP

    Problem at the login:
    Code:
    2012-03-22 14:48:10 [SEVERE] [xAuth] Something went wrong while logging in player: EX3MP
    com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Duplicate entry '1' for key 1
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.lang.reflect.Constructor.newInstance(Unknown Source)
        at com.mysql.jdbc.Util.handleNewInstance(Util.java:407)
        at com.mysql.jdbc.Util.getInstance(Util.java:382)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1039)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3593)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3525)
        at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1986)
        at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2140)
        at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2626)
        at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2111)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2407)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2325)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2310)
        at com.cypherx.xauth.PlayerManager.createSession(PlayerManager.java:324)
        at com.cypherx.xauth.PlayerManager.doLogin(PlayerManager.java:257)
        at com.cypherx.xauth.commands.LoginCommand.onCommand(LoginCommand.java:40)
        at org.bukkit.command.PluginCommand.execute(PluginCommand.java:40)
        at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:166)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:469)
        at net.minecraft.server.NetServerHandler.handleCommand(NetServerHandler.java:907)
        at net.minecraft.server.NetServerHandler.chat(NetServerHandler.java:867)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:850)
        at net.minecraft.server.Packet3Chat.handle(Packet3Chat.java:33)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:229)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:116)
        at net.minecraft.server.NetworkListenThread.a(NetworkListenThread.java:78)
        at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:554)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:452)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:490)
     
  20. Offline

    CypherX

    EX3MP - A session for that player already exists and something prevented it from being removed, delete it from the database.
     
  21. Offline

    LlmDl

    I'll be updating to this soon, very excited. I'd like to thank you CypherX for the remaining patience you have for this community. In a couple days my current server will turn 1 year old and your plugin has been installed on it since day one. Again, a huge thank you for all your work, snide comments, helpful comments and for xAuth. Don't ever change.
     
  22. Offline

    EX3MP

    Cypher - Yes i did BUT ... when i Loggout i get this error again. bug?
     
  23. Offline

    CypherX

    Heh, I laughed reading that last part. Thanks for the continued support!

    Whatever error you're getting when you log out has to be different, what's it say?
     
  24. Offline

    EX3MP

    CypherX - So i Login and than i loggout -> login again and than commes this error:
    Code:
    2012-03-22 15:15:27 [SEVERE] [xAuth] Failed to load session for account: 1
    com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Unknown column 'ipaddress' in 'field list'
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.lang.reflect.Constructor.newInstance(Unknown Source)
        at com.mysql.jdbc.Util.handleNewInstance(Util.java:407)
        at com.mysql.jdbc.Util.getInstance(Util.java:382)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3593)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3525)
        at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1986)
        at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2140)
        at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2626)
        at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2111)
        at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2273)
        at com.cypherx.xauth.PlayerManager.checkSession(PlayerManager.java:125)
        at com.cypherx.xauth.listeners.xAuthPlayerListener.onPlayerJoin(xAuthPlayerListener.java:67)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
        at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
        at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:441)
        at net.minecraft.server.ServerConfigurationManager.c(ServerConfigurationManager.java:135)
        at net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:128)
        at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:94)
        at net.minecraft.server.Packet1Login.handle(SourceFile:68)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:229)
        at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:48)
        at net.minecraft.server.NetworkListenThread.a(NetworkListenThread.java:61)
        at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:554)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:452)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:490)
    2012-03-22 15:15:30 [SEVERE] [xAuth] Something went wrong while logging in player: EX3MP
    com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Duplicate entry '1' for key 1
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.lang.reflect.Constructor.newInstance(Unknown Source)
        at com.mysql.jdbc.Util.handleNewInstance(Util.java:407)
        at com.mysql.jdbc.Util.getInstance(Util.java:382)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1039)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3593)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3525)
        at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1986)
        at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2140)
        at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2626)
        at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2111)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2407)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2325)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2310)
        at com.cypherx.xauth.PlayerManager.createSession(PlayerManager.java:324)
        at com.cypherx.xauth.PlayerManager.doLogin(PlayerManager.java:257)
        at com.cypherx.xauth.commands.LoginCommand.onCommand(LoginCommand.java:40)
        at org.bukkit.command.PluginCommand.execute(PluginCommand.java:40)
        at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:166)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:469)
        at net.minecraft.server.NetServerHandler.handleCommand(NetServerHandler.java:907)
        at net.minecraft.server.NetServerHandler.chat(NetServerHandler.java:867)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:850)
        at net.minecraft.server.Packet3Chat.handle(Packet3Chat.java:33)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:229)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:116)
        at net.minecraft.server.NetworkListenThread.a(NetworkListenThread.java:78)
        at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:554)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:452)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:490)
    I delete my session from the mysqlDB and it works once
    so i think the Plugin dont delete the session from the db
     
  25. Offline

    CypherX

    EX3MP

    That's a different error and it looks like you're using an older database version with a newer version of xAuth. Are you using xAuth 2.0 or higher (non-beta)? If yes, did you follow the upgrading guide (if upgrading from a previous version)?
     
  26. Offline

    rahmat2222

    if i use xauth, quarry(Mod buildcraft) is not work

    Code:
    2012-03-22 22:09:43 [SEVERE] Could not pass event BlockPlaceEvent to xAuth
    org.bukkit.event.EventException
        at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:303)
        at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
        at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:441)
        at org.bukkit.craftbukkit.event.CraftEventFactory.callBlockPlaceEvent(CraftEventFactory.java:97)
        at buildcraft.factory.TileQuarry.doWork(TileQuarry.java:210)
        at buildcraft.api.PowerProvider.update(PowerProvider.java:50)
        at buildcraft.core.TileBuildCraft.q_(TileBuildCraft.java:50)
        at buildcraft.factory.TileQuarry.q_(TileQuarry.java:136)
        at net.minecraft.server.World.tickEntities(World.java:1184)
        at net.minecraft.server.MinecraftServer.w(MinecraftServer.java:548)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:455)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:490)
    Caused by: java.lang.NullPointerException
        at com.cypherx.xauth.plugins.xPermissions.has(xPermissions.java:57)
        at com.cypherx.xauth.PlayerManager.isRestricted(PlayerManager.java:203)
        at com.cypherx.xauth.listeners.xAuthBlockListener.onBlockPlace(xAuthBlockListener.java:34)
        at sun.reflect.GeneratedMethodAccessor24.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
        at java.lang.reflect.Method.invoke(Unknown Source)
        at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
        ... 11 more
     
  27. hi, i was wondering do u need mysql? its a little complicated and it has it in config to disable it. however when i start server and do /pluigns xAuth is in red(not working) also my config keeps resetting. thx
    wanting to make my server cracked but i need this first
    join my server so u can see what i mean : kayccraft.zapto.org

    scrap that, it works now. lol
    however could u make a feature to make auto log out when they disconnect? because if u join again then u are automatically logged in.
    some ppl may forget and have a risk of accounts being compromised.
    many thx.
    working great so far tho :p

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Jul 17, 2016
  28. Offline

    CypherX

    The session only resumes if the players IP address is equal to the one used to sign in, otherwise they will be forced to log in again. If you still want to force them to re-login, set session.length to zero in the configuration.

    Also, there is an alternative to MySQL. You should read the features/changelog next time.
     
  29. Offline

    Ketrel

    If I do not have registrations forced, and someone registers, will require them to login if they have registered?

    If that's the case, what settings/permissions would I need to block breaking/placing when not logged in, but only if registered?
     
  30. Offline

    EX3MP

    CypherX okey ... was a new DB thanks forgot to delete it ;)
    thanks and very nice Plugin ;)
     
  31. Offline

    DaEgo

    CypherX

    can ur plugin handle with the authme password hash database ?
    i think about to change my aut plugin ;)
     
Thread Status:
Not open for further replies.

Share This Page