[INACTIVE][SEC] AnjoSecurity v1.6c - Offline-Mode User Registration [440-531+]

Discussion in 'Inactive/Unsupported Plugins' started by AnjoCaido, Feb 15, 2011.

  1. Offline

    AnjoCaido

    AnjoSecurity - Offline-Mode User Registration System
    Version: v1.6c

    This version it's just a minor update to make it work with newer CB and GM. When GM gets it's final version I'll start working on future plans for this.

    ---

    This plugin uses GroupManager plugin(optional, but recommended if you want to block commands):
    http://forums.bukkit.org/threads/ad...0-7-because-permissions-is-past-326-353.4723/
    With this you can block all commands of plugins that uses Permissions plugin.

    This plugin is to help people prevent griefing and abusing while your server is in offline-mode. When mineceraft server is down you have no choice than setting up offline-mode. When this option is enabled anyone can connect within your server with their desired username, it brings up the problem that someone can connect with administrator name and abuse with all his loot and commands. This plugin will set up user registration with a custom password for your server, and only the person with that password will be able to use that username.

    Did I say it is open-source? You can get it on GitHub and modify as you want.

    Features:
    • Prevents registered users to do anything while not logged in.
    • (toggle-able)Prevents non-registered users to do actions(move,destroy,etc).
    • (toggle-able)Prevents non-registered users to do summon commands.
    • (toggle-able)Remove all loot of non-registered users when joining the server(and tp to spawn).
    • (toggle-able)Registration system. You can deactivate registrations anytime.
    • Every user can remove their registration, so they can register with other password.
    • Users listed on settings.properties, while logged in, can remove any user registration.
    • (configurable) Session time. You can set the session duration, so if a user drops connection a lot, he would not need to /login again.(default 30 minutes)
    • Interacts with GroupManager permission plugin(the one replacing Nijikokun's Permissions plugin, yet fully compatible) to prevent running registered commands.
    • ALLOW List. You can allow certain users to register, even if registration is deactivated.
    Commands (all of them speech for themselves):
    • /register <password> - it registers with the given password
    • /login <password> - it tries to login with the given password
    • /reset <password> - if the password is correct, remove registration
    • /adminreset <username> - remove the registration of the given username
    • /toggleregistration - (yes it is long, in purpose) - toggle registration mode ON/OFF.
    • /adminallow <username> - allow user to register even if registration is deactivated.
    Changelog:
    Version 1.6c
    • Made it work with newer CB builds.
    • Made it work with GroupManager 1.0 alpha
    Version 1.6b
    • Made it work with newer GM builds.
    Version 1.6
    • Fixed a nasty bug.
    Version 1.5
    • Fixed die-menu-respawn item duping(I think).
    Version 1.4
    • Compatible with the latest bukkit builds(#353)
    Version 1.3b
    • Removed some debugging messages.
    Version 1.3
    • Fixed small bugs. (I think all exceptions reported by now are fixed)
    • Added allow list.
    Version 1.2
    • Fixed small bugs
    • Improved how God Mode works(now it's verly like the God Mode plugin)
    • Added a God Mode timout after login of 5 seconds, to prevent die of falling on the ground.
    • Added a command to toggle registrations on/off.
    Version 1.1
    • Prevent non-logged-in users to lose health(and die).
    Version 1.0
    • First fully working release.
    Future plans:
    • (done!) Create a toggle command that opens and closes registration
    • Store users activities, such as typing wrong passwords and such(to catch hackers)
    Download:
    Version 1.6c (to use with GroupManager 1.0 or higher):
    http://www.mdn.fm/files/272681_rqyw0/AnjoSecurity-1.6c.zip

    Version 1.6b (to use with GroupManager 0.99b or lower):
    http://www.mdn.fm/files/271609_dvt1f/AnjoSecurity-1.6b.zip

    Source:
    https://github.com/gmcouto/AnjoSecurity

    Flat-file Authentication importer(import auth db from older plugins):
    http://www.mdn.fm/files/261879_yjodh/uber-AnjoSecurityImporter-1.0-SNAPSHOT.jar
    It is destinated for the following format(plugins that used MineSecurity format, from hMod):
    username:md5passhash

    Just double click on the jar(or run via terminal with java -jar), select the old flat-file... it will generate a AnjoSecurityDB.db file, which you put on your server folder. If you want to merge the old file with the new database, just put the jar on the same folder of the AnjoSecurityDB.db...


    ===============================
    Everyone with an Off-Line server might like the NameChecker plugin I made, it super simple. It only filters huge names (> 20 chars), short names(<3 chars), and invalid characters in names(only letters, numbers, and underscores allowed).
    It kicks the player and shows him the reason of why his name is invalid. It even has a configurable file for you to put forbidden names to join the server(like Player, or Scruffy_Puppy)
    http://www.mdn.fm/files/273443_hynys/NameChecker-0.1-SNAPSHOT.jar
     
    xcession, FlingeR and methos like this.
  2. Offline

    morikubo

    Amm..
    Fix for 456?
    I suppose 440 is recommended.
    and i get -

    2011-02-27 11:39:27 [SEVERE] null
    java.lang.ClassNotFoundException: org.sqlite.JDBC
    at java.net.URLClassLoader$1.run(Unknown Source)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(Unknown Source)
    at org.bukkit.plugin.java.PluginClassLoader.findClass(PluginClassLoader.java:30)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(Unknown Source)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Unknown Source)
    at org.anjocaido.anjosecurity.RegistrationControl.<init>(RegistrationControl.java:35)
    at org.anjocaido.anjosecurity.AnjoSecurity.onEnable(AnjoSecurity.java:108)
    at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:140)
    at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:426)
    at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:187)
    at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:79)
    at org.bukkit.craftbukkit.CraftServer.loadPlugins(CraftServer.java:60)
    at net.minecraft.server.MinecraftServer.e(MinecraftServer.java:187)
    at net.minecraft.server.MinecraftServer.a(MinecraftServer.java:174)
    at net.minecraft.server.MinecraftServer.d(MinecraftServer.java:120)
    at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:227)
    at net.minecraft.server.ThreadServerApplication.run(SourceFile:366)
    2011-02-27 11:39:27 [SEVERE] null
    java.sql.SQLException: No suitable driver found for jdbc:sqlite:AnjoSecurityDB.db
    at java.sql.DriverManager.getConnection(Unknown Source)
    at java.sql.DriverManager.getConnection(Unknown Source)
    at org.anjocaido.anjosecurity.RegistrationControl.<init>(RegistrationControl.java:41)
    at org.anjocaido.anjosecurity.AnjoSecurity.onEnable(AnjoSecurity.java:108)
    at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:140)
    at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:426)
    at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:187)
    at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:79)
    at org.bukkit.craftbukkit.CraftServer.loadPlugins(CraftServer.java:60)
    at net.minecraft.server.MinecraftServer.e(MinecraftServer.java:187)
    at net.minecraft.server.MinecraftServer.a(MinecraftServer.java:174)
    at net.minecraft.server.MinecraftServer.d(MinecraftServer.java:120)
    at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:227)
    at net.minecraft.server.ThreadServerApplication.run(SourceFile:366)


    now i have no chance to use it because 440 was just ignored like it never been released?

    ===============

    and what means anyone can execute coms as admin?
    Doest this mod block every command until login?
     
  3. Offline

    Nader

    it goes on my comp 'couldn't pass player_join' constantly however, it seems to be working.. can anyone clarify what this error is causing =/?
     
  4. Offline

    GameFAQsRolo

    Does your permissions have a rank named "NotLoggedIn"? It should be identical to "NotRegistered". That fixed the problem for me when I was having that error.
     
  5. Offline

    DerET

    An auth plugin without mysql? Who wants to use that? Are there so many idiots here?!
     
  6. Offline

    Nathan C

    Your just mad, because you don't have mysql.

    Back on topic. The plugin works great on the latest build, except for the fact that users can still use commands, before logging in.
     
  7. Offline

    morikubo


    damn it. 440 isnt supported, commands can be used...
    no way
     
  8. Offline

    Androw

    You should use a custom client.

    And for others, I will try to check for this problem.
     
  9. Offline

    morikubo

    So, i just want to make things clear -
    fro now the only way to secure your admin permission is to use Ascii in name, im right?
     
  10. Offline

    Androw

    Seems to be an issue with Groupmanager, cause user are well added in NotLoggedIn or NotRegistered groups
    I will investigate
     
  11. Offline

    giding

    I have tested using the server commands in the game without being logged in to AnjoSecurity and none of the commands seem to work before i log in to AnjoSecurity and my name is in the ops.txt... so how actually is this plugin insecure?

    I just wanna know because i don't see any way someone could come with my username and mess with the commands without knowing my password in AnjoSecurity. People have been telling here that the commands are usable without logging in but they weren't when i tested so what is this all abut? Is my server secure now or not??
     
  12. Offline

    Androw

    @giding
    Are you using GroupManager ? if not, your permission should be handed by ops.txt by most plugins
    --- merged: Feb 27, 2011 2:55 PM ---
    Just checked about possible commands.
    I will just recommend you to remove user from ops.txt if you use Groupmanager.

    Unlogged user can't execute commands if permission for this command is handle by Groupmanager
     
  13. Offline

    Anoniempje

    maybe anjo can run IP checks and list "recently logged in as.."
     
  14. Offline

    shadowdemonx9

    Having the same problem, even though I'm not logged in I can still use commands.
     
  15. Offline

    Nieksas

    please update :/
     
  16. Offline

    Androw

    What commands can you use ?
     
  17. Offline

    xenex

    I'm using 440 and everytime a player joins the server, I get this error and it lags the server quite a bit. Any reason for that? Also, I don't know if it's this plugin or GroupManager since it shows both.
    Code:
    2011-02-27 12:56:02 [SEVERE] Could not pass event PLAYER_JOIN to AnjoSecurity
    java.lang.NoSuchMethodError: org.anjocaido.groupmanager.GroupManager.getData()Lo
    rg/anjocaido/groupmanager/DataHolder;
            at org.anjocaido.anjosecurity.PermissionsDealer.markAsNotLoggedIn(Permis
    sionsDealer.java:34)
            at org.anjocaido.anjosecurity.AnjoSecurity.handlePlayerJoin(AnjoSecurity
    .java:219)
            at org.anjocaido.anjosecurity.AnjoSecurityPlayerListener.onPlayerJoin(An
    joSecurityPlayerListener.java:31)
            at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.ja
    va:130)
            at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.jav
    a:59)
            at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.j
    ava:225)
            at net.minecraft.server.ServerConfigurationManager.a(ServerConfiguration
    Manager.java:97)
            at net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:87)
            at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:68)
            at net.minecraft.server.Packet1Login.a(SourceFile:46)
            at net.minecraft.server.NetworkManager.a(SourceFile:230)
            at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:34)
            at net.minecraft.server.NetworkListenThread.a(SourceFile:87)
            at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:338)
            at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:253)
            at net.minecraft.server.ThreadServerApplication.run(SourceFile:366)
    2011-02-27 12:56:07 [SEVERE] Could not pass event PLAYER_COMMAND to AnjoSecurity
    
    java.lang.NoSuchMethodError: org.anjocaido.groupmanager.GroupManager.getOverload
    edClassData()Lorg/anjocaido/groupmanager/OverloadedDataHolder;
            at org.anjocaido.anjosecurity.PermissionsDealer.restorePermissions(Permi
    ssionsDealer.java:55)
            at org.anjocaido.anjosecurity.AnjoSecurity.handleCommandsWhileNOTLoggetI
    n(AnjoSecurity.java:348)
            at org.anjocaido.anjosecurity.AnjoSecurity.handleCommand(AnjoSecurity.ja
    va:268)
            at org.anjocaido.anjosecurity.AnjoSecurityPlayerListener.onPlayerCommand
    (AnjoSecurityPlayerListener.java:68)
            at org.bukkit.plugin.java.JavaPluginLoader$5.execute(JavaPluginLoader.ja
    va:150)
            at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.jav
    a:59)
            at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.j
    ava:225)
            at net.minecraft.server.NetServerHandler.c(NetServerHandler.java:651)
            at net.minecraft.server.NetServerHandler.chat(NetServerHandler.java:601)
    
            at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:595)
            at net.minecraft.server.Packet3Chat.a(SourceFile:24)
            at net.minecraft.server.NetworkManager.a(SourceFile:230)
            at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:70)
            at net.minecraft.server.NetworkListenThread.a(SourceFile:100)
            at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:338)
            at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:253)
            at net.minecraft.server.ThreadServerApplication.run(SourceFile:366)
     
  18. Offline

    Androw

  19. Offline

    SpAxX

    It's a very nice plugin, but i can't get it to run on 1.3 yet.
    Androw is your plugin to be put there in addition to the old? Or is putting the AnjoSecurity-1.3-SNAPSHOT.jar in plugins folder enough?
    Well, in fact i tried both, without success. Maybe i'm missing or missunderstanding something here!?
     
  20. Offline

    Androw

    My plugin is a fix to work with newer build of CB.
    Juste rename the downloaded jar to AnjoSecurity.jar
    Then launch the server, your player should be able to register.
    You should have install Groupmanager plugin before.
     
  21. Offline

    Cubox

  22. Offline

    TuRmoiLxx

    I have this error.
     

    Attached Files:

  23. Offline

    Spazmic

    Please update I love this plugin!
     
  24. Offline

    matt vara

    Hey i run on a mac, but when i login nothin happens and i press /register and it says internal error occured

    HELP???
     
  25. Offline

    morikubo

    Anjo, pls do something with commands!
    I just can't run my server because any fag can use commands.
     
  26. Offline

    vangeraman

    Anjo update please)))

    guys are now at least one working plugin for authentication?
     
  27. Offline

    Cubox

    Currently, none.
    Yes, Anjo, please update :)
     
  28. Offline

    jwideman

    Because he took out ALL of the code.
     
  29. Offline

    morikubo

    =(
    Dupe, use of commands, loading items even if not logged.
    Why GOD WHYYYYY
     
  30. Offline

    CzarRazc

    please update :)
     
  31. Offline

    Androw

    @morikubo
    I think you use scrapbukkit.
    You should use a plugin which use Permission/GroupManager.
     

Share This Page