Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline


    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page:

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel ( #LoveDespite) or toss me a message at Until we meet again, stay gold. Bang.


    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.

    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
  2. Looks awesome, im going to install that, but i have got one question please..
    java -jar xAuthImporter.jar
    Where do i have to put that code? in the auths.txt in plugins/xAuth/ ???

    My admins and OP's dont have to register and login and i tried everything to change that, i want them to authenticate themselfs too, but i dont know how.. Could someone help me please? I tried everything..

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
    Last edited by a moderator: May 12, 2016
  3. Offline


    That's all i'm gonna say
  4. Offline


    it randomly started working... I don't know how. But I downloaded the latest version again today and it worked fine...
  5. Offline


    I can't thank you enough!
    Oh my god this plugin is amazing! :D
    Much love from me!
    Incase you couldn't tell it works for me. :p
  6. Offline


    This did not fix the problem for me :S! Can anyone help me? This is my permissions file for admins:

            default: false
                prefix: ''
                suffix: ''
                build: true
                - 'xauth.exclude'
                - '*'
    Also I have another problem, if someone logs in with the same name as me (the admin), it still disconnects me from the server. Anyway to stop this?
  7. Offline


    I'll test some of these to see if they are causing the issue you're having. It'll help if you could test some as well by disabling them one at a time and trying it.

    That's only used if you're trying to import the auths database from AnjoSecurity in a Unix environment with xAuth Importer.

    Your initial question has been answered multiple times in the previous two pages of this thread. As for your other question, if you're using WorldGuard you need to disable enforce-single-session in it's configuration.

    To acknowledge the /toggle command conflicting with the Citizens plugin; I don't feel the need to change anything as it was working fine until the developer of Citizens changed his command syntax.
  8. Offline


    great realease. Thank you!
  9. Offline


    need ingame Account making for Admins pls
  10. Offline


    am i doing something wrong? i got an outdated anjosecurity plugin for the .db file and imported it to a .txt but nothing happened...yes i've added the file in /plugins/xAuth
  11. Offline


    i really need to reconfigure the /toggle command please :( Citizens plugin is useless with your xAuth -.-
  12. Offline


    I have just downloaded it and installed the mod but "Players are no longer kicked if someone with the same name joins" i still get kicked... ive already got an account but when i try with two minecraft cilents logging i get kicked for that reason.... im i doing something wrong?​
  13. Offline



    First, I found this to be a great plugin. However, I've got a major issue that will actually decide whether or not I'll be using this on my server:

    Everytime a player logs in and is re-teleported from the spawn to the location where he was, it inflicts fall damage randomly (from a couple of hearts to four or five). Why is this caused?

    EDIT: It seems to be caused by the /logout command, because it only happens in-game, and not when you join. Also, it does not happen if you toggle off the safezone option so that it does not teleport you to the spawn.
  14. Offline

    The PC Tech Guy

    I believe this is a feature of Minecraft already...
  15. Offline


    DeltaDevil i just find a solution .. open your Citizens.jar eg. in WinRar, open plugin.yml and add this line under Toggle command (yml format, use spaces)
    aliases: [t, tog, togg]
    Safe and profit ! [meat]
  16. Offline


    xAuth 2 will allow this in some form.

    "nothing happened" is very generic and can mean anything.

    If you are also using WorldGuard, enforce-single-session needs to be disabled.

    Before they are logged in and are being teleported to the spawn, are they constantly falling then being re-teleported back up?
  17. Offline


    My problem is happening again. I also disabled enforce-single-session option. But now somebody can login he sees a message he/she is online now and he gets disconnected and i disconnected too. Sorry for my bad English.
  18. It just doesn't work, i dont understand it anymore :s can't they make a video with a tutorial or something?
  19. Offline


    doesn't work cuz there's no xAuth folder inside the .jar
  20. Offline

    TEM Vogelwurst

    Is there a possibility to "autologout" when you end your session ? ....because its not that comfortable to type
    "/logout" everytime you disconnect from your server for a long time.
  21. Offline


    When a player connects it checks if they have a session and if it's expired, removing it if necessary.

    Attention all xAuth users! If you're interesting in discussing or sharing your ideas for xAuth 2.0, visit this thread:
  22. Offline


    Why I get almost everytime killed after I log in? I know it must be something with height difference between respawn point and the place where I was, but why doesn't this plug just teleport the player to the place where he stood earlier? What can I do to prevent from getting killed? I know I can logout while being on water, but it is no solution for me.

    EDIT: I know why, my respawn point WAS ON THE WATER and because of that my char was jumping for most of the time and when he was teleported, sometimes he fell.
  23. Offline

    Daniel Few

    Heya. I really really wanna use this plug-in. Can you please tell me what the problem is:
    I'm not sure what's wrong. Do you know?
    Thanks a lot,
    Great plug-in,
  24. Offline


    Uhh Is it me or is this plugin showing your inventory and allows ops to use the give command cause I can use it. =(
  25. Offline


    How do we configure the player to have to login at the spawn location. I use SpawnControl and I people to spawn at the "global spawn point".
  26. Offline


    Help me please! I have xAuth installed with permissions plugin and only members of default group have to authorize. For members of other groups xAuth do not work!
  27. Offline


    Looks like something is causing the code used to teleport a player back to their original position is failing. Is it still happening?

    Not possible at the moment, although it has already been implemented in xAuth 2 (which has been making a lot of progress lately).

    Any groups/players with the '*' permission must also have '-xauth.exclude' (note the hyphen).
  28. Offline

    Daniel Few

    Yes it is still happening. I really need this plug-in on my sever :) Do you know why it's happening?
    Also, someone said something about spawning? So does xAuth set its own spawn and have that as default?
  29. Offline



    I want to translate your plugin in french. But :
    How to allow special characters ?
  30. Offline


    hi all

    Im admin and i put -'*' in my permission cause i need all permissions, and lots of plugins.
    Problem is take xauth.exclude
    but i want the person who want to take my nickname have to login ! but with this exclusion, no protection on my nickname.

    Is there a way to correct that ?

    thanks you
  31. Offline


    Check your config.yml for xAuth and make sure misc.protect-location has a proper boolean value.

    Surround the text with single quotes.

    This has been answered multiple times already, including in 3 posts above yours.
Thread Status:
Not open for further replies.

Share This Page