Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    PinguinAman

    Oh my... please tell us you're gonna fix all this stuff!
     
  3. Offline

    CypherX

  4. Offline

    Leemur

    omg :) Can't wait
     
  5. Offline

    MrMag518

  6. Offline

    Adrenaline

  7. Offline

    agubelu

    Great news :D
     
  8. Offline

    marster4000

    your plugin have me say i must contact you the plugin dont work Please help

    sorry for my bad english xD
     
  9. Offline

    Hydrosis

    Haha, great your back! Not rushing you or anything, but do you think you can give an eta on when the update will be? :3 I just want to get an idea how long we will have to wait lol.
     
  10. Offline

    CypherX

    Not going to give any kind of ETA. I want to make this as efficient and bug-free as possible.

    Relevant.
     
  11. Offline

    LlmDl

    Of the plugins that I use, I've used yours for almost 1 year now. You rock.
     
  12. Offline

    Hydrosis

    This Dev Status (if it's kept up to date :p) is better than an ETA for me :)

    Once it's updated, we're not going to have to delete our old auths, right? :3

    Requested feature to put on to-do list: h2 to MySQL converter? :D
     
  13. Offline

    XtenD

    Holy Shi~ just cant wait for update. Also doing an xauth mysql admincenter on php ;)
    [​IMG]
     
  14. Offline

    kremington

    OMG.

    Thank you CypherX!
     
  15. Offline

    anders4431

    Thank you for a great plugin!

    I'm looking forward to the next release!
     
  16. Offline

    benjyboing

    When well it be up and running again?:confused:
     
  17. Offline

    UnluckyNinja

    It's...
    powerful...
     
  18. Offline

    ghost15

    Glad to see you back CypherX , Let me know if you want any pointers on the SQL handling to support servers that are empty for periods of time (MySQL Connection Timeout). The old reconnect code restored the connection but that first user to connect got in scot free (no login needed)
     
  19. Offline

    CypherX

    Any suggestions for a better method than checking the connection on each query and attempting to reconnect if none is found?
     
  20. Offline

    PinguinAman

    Actually the user still has to login after a restored connection:
    http://dev.bukkit.org/paste/is61pevxjw9l58om/
    So I see no problem there.
     
  21. Offline

    ghost15

    Really the connection shouldn't be left open, as you don't really need to read/write to it all the time. You should connect, do your work, and disconnect. Database servers are more or less designed to work that way.

    So very presudo
    Code:
    db.Connect();
    get_strikeban();
    check_session();
    move_player();
    store_inventory();
    prompt_to_login();
    db.Close();
    
    then if they do /login blah
    Code:
    db.Connect();
    do_login();
    restore_inventory();
    move_player();
    create_session();
    db.Close();
    
    So each time you handle an event, and you need to access to the database server, create the connection, do your stuff, then close it right before your plugin is done with that command processing.

    The user logged in after the connection failed and was re-exstablished. I've seen it where the user logging in causes it to fail, and then they don't get prompted to login (not a session login)
     
  22. Offline

    tombik

    you have my support. I wanted to migrate to AuthMe (as most of users) but than i saw you upgrading, so i stopped and now i'm waiting. please finish this improvement :).
     
  23. Offline

    robxu9

  24. Offline

    CypherX

  25. Offline

    Magestickown

    SANIC HEGEHOG
    GODDA GO FASD

    Glad to see you back! I can't wait for the new xAuth :D
     
  26. Offline

    beleg

    I am using a modified version right now, will my .db be importable to your new version (when it comes out) ?
     
  27. Offline

    CypherX

    I have no idea what this modified version or .db is.
     
  28. Offline

    Hydrosis

  29. Offline

    CypherX

    In that case, maybe. The account table schema probably won't change too drastically (if at all), so if that hasn't been modified to much it should be fine. Although, at this point in time, take everything I say with a grain of salt. Anything can change at any time.

    Edit: Oh, by the way, H2 will no longer be supported. MySQL will be the sole supported datasource. Will there be a way to import from H2? Probably.
     
  30. Offline

    Hydrosis

    Awww yeah! Just curious though, how come H2 won't be supported? I want to move to mysql, but just wondering if there is a problem with H2 (since that's what I'm currently using) :3
     
  31. Offline

    beleg

Thread Status:
Not open for further replies.

Share This Page