Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    Medioman92

    thanks man :D
     
  3. Offline

    Avarice

    There is an issue with players who log off in Creative worlds who log back in in the main survival world still having creative upon logging back in.

    CB Ver: 1.2.5 R-1.0
    xAuth Ver: 2.0.1
     
  4. Offline

    Ketrel

    If I'm logged out (not resuming) and I join the server, I get "internal server error" and get kicked.

    The error in the server log is

    Would like to add this is happening if I'm logged out in a different world than the global login area.

    In addition, I tried removing the global location, (which it said it did) but when I try to create a non-global one, it tells me I have to remove the existing global one first (which I apparently already did), but something's broken there.

    I had to nuke the whole db to compensate.

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Jul 17, 2016
  5. Offline

    Chrispm84

    xAuth isn't creating any tables and I'm getting this error. It's the only error in my server.log.

    Code:
    2012-04-08 20:22:41 [INFO] [xAuth] Enabling xAuth v2.0.5
     
    2012-04-08 20:22:41 [INFO] [xAuth] Bukkit Permissions enabled (no plugin detected)
     
    2012-04-08 20:22:41 [INFO] [xAuth] Successfully established connection to MySQ database
     
    2012-04-08 20:22:41 [SEVERE] [xAuth] Failed to load teleport locations!
     
    com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table 'chrispm84db.locations' doesn't exist
     
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
     
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
     
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
     
        at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
     
        at com.mysql.jdbc.Util.handleNewInstance(Util.java:407)
     
        at com.mysql.jdbc.Util.getInstance(Util.java:382)
     
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1052)
     
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3593)
     
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3525)
     
        at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1986)
     
        at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2140)
     
        at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2626)
     
        at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2111)
     
        at com.mysql.jdbc.PreparedStatement.executeQuery(PreparedStatement.java:2273)
     
        at com.cypherx.xauth.LocationManager.loadLocations(LocationManager.java:36)
     
        at com.cypherx.xauth.LocationManager.<init>(LocationManager.java:24)
     
        at com.cypherx.xauth.xAuth.onEnable(xAuth.java:89)
     
        at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:215)
     
        at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:336)
     
        at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:381)
     
        at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:250)
     
        at org.bukkit.craftbukkit.CraftServer.enablePlugins(CraftServer.java:232)
     
        at net.minecraft.server.MinecraftServer.t(MinecraftServer.java:371)
     
        at net.minecraft.server.MinecraftServer.a(MinecraftServer.java:358)
     
        at net.minecraft.server.MinecraftServer.init(MinecraftServer.java:187)
     
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:422)
     
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:492)
     
    2012-04-08 20:22:41 [INFO] [xAuth] v2.0.5 Enabled!
    And I'm glad to see you back to working on xAuth, Cypher! We missed ya!
     
  6. Offline

    Doenerb0y

    how to fix it? all of your import.jar files do not works.. :(
     
  7. Offline

    Chrispm84

    Disregard my previous problem. I had run xAuth once to generate a fresh config and forgot to delete DBVERSION. After deleting it, everything's peachy.
     
  8. Offline

    Hydrosis

    Just wondering, how come the title didn't change? O-o
     
  9. Offline

    Whynot

    Im using 1.2.5 RB 1.0 and get this error:
    http://pastebin.com/g7LqzguU

    Plugin works but i dont like errors :D

    And im posting this here because i have no github account :( ^^
     
  10. Offline

    Hydrosis

    Lol funny error. It didn't work, so it tried to stop it, but there was an error while it tried to stop it, so it kept running...even though it doesn't work :confused:

    Are you using MySQL or H2?
     
  11. Offline

    vicuuu

    The last commit works for my server!! ( 1.2.5R1 )
    No more copy items.
    Thank you very much.:)
     
  12. Offline

    Whynot

    I think no :D
    And what the dell is H2?
     
  13. Offline

    slizone

    H2 is a SQL Database for Java. ;)

    -
    CypherX, can you please write a little introduction to the AuthURL feature?
    Thanks :)
     
  14. Offline

    Whynot

    Thanks :D
    But the errors still exists... I test it with an mysql database...
     
  15. Offline

    slizone

    It works fine for me, except the first start. There were some errors, but at the second start there are no errors anymore.

    Is there a H2.jar in your lib/ folder?
     
  16. Offline

    Whynot

    yes on bukkitroot;/libs/h2-1.3.164.jar.
    Perhaps it helps that im usin openjdk an Ubuntu ^^
    But dont understand exactly why the error appears.
    It says "INFO] [xAuth] Disabling xAuth v2.0.5" but it still works?
    EDIT: tested another thing: Copied all required files from xAUTH to new directory with bukkit,world,libs etc.
    Its no other plugin which "corrupts" it. Deleted the xAUTH dir and recreated the files. Another Error... Perhaps there is some failure with h2 and Linux?
    http://pastebin.com/HjvYehL6
    Here complete log. Perhaps it helps.
     
  17. Offline

    Kozzy68

    hi why was removed option to store data in file or some sqllite ? Its bit a waste to install mysql for medium or smaller servers.
     
  18. Offline

    Hydrosis

    That's what H2 is for?
     
  19. Offline

    leoxx2100

    This is really awesome, thank you ;)
     
  20. Offline

    ScrimCraft

    How do you convert CAuth's database to this? I want my players to have the same password
     
  21. Offline

    Doenerb0y

    please help ._.
     
  22. Offline

    chas13

    What should i do if an account is locked for pass wrong to muchtimes ?? how can i unlock it?
     
  23. Offline

    beleg

    go into your database and remove him from the lockouts table
     
  24. Offline

    Heliwr

    I am using this plugin on my server to mitigate Mojang's broken security after someone attempted a session hijack on me, however I can't seem to get it to do what I'm hoping for.

    Ideally, I would like to have only my mods and admins go through the extra register/login process and not burden my users with it. I have set forced: false in the config and given mods and admins the xauth.register permission, however all users are still being required to register/login before they can play.

    Is there a way to only require registered players to login before playing, and still allow unregistered players to play normally?
     
  25. Offline

    Ketrel

    That should work. Did you do an "/xauth reload" after changing the config to disable the forced?
     
  26. Offline

    Heliwr

    I did reload the plugin, but it still requires unregistered users to register and login before they can use any commands other than the ones listed in the config.
     
  27. Offline

    ScrimCraft

    HELP!!!!!!! HOW DO YOU TRANSFER THE PASSWORD DATABASE FROM AuthMe v2.5.1 DO THIS!!! :(
     
  28. Offline

    DardoTheMaster

    o shit,there's a bug...59)
    at net.minecraft.server.NetServerHandler.disconnect(NetServerHandler.java:136)
    at org.bukkit.craftbukkit.entity.CraftPlayer.kickPlayer(CraftPlayer.java:220)
    at com.cypherx.xauth.xAuthScheduler$2.run(xAuthScheduler.java:28)
    at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    17:11:50 [INFO] This error is logged only once: it could have occurred multiple times by now.
    17:11:50 [INFO] Please contact one of the authors of plugin 'xAuth': CypherX
    17:11:50 [WARNING] Could not properly handle event PLAYER_QUIT:
    java.lang.IllegalAccessError: Synchronized code got accessed from another thread: com.cypherx.xauth.xAuthScheduler$2
    at org.bukkit.event.Listener.onPlayerQuit(Listener:0)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
    at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
    at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:459)
    at net.minecraft.server.ServerConfigurationManager.disconnect(ServerConfigurationManager.java:179)
    at net.minecraft.server.NetServerHandler.disconnect(NetServerHandler.java:158)
    at org.bukkit.craftbukkit.entity.CraftPlayer.kickPlayer(CraftPlayer.java:220)
    at com.cypherx.xauth.xAuthScheduler$2.run(xAuthScheduler.java:28)
    at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    17:11:50 [INFO] This error is logged only once: it could have occurred multiple times by now.
    17:11:50 [INFO] Please contact one of the authors of plugin 'xAuth': CypherX
    17:11:50 [WARNING] Could not properly handle event PLAYER_TELEPORT:
    java.lang.IllegalAccessError: Synchronized code got accessed from another thread: com.cypherx.xauth.xAuthScheduler$2
    at org.bukkit.event.Listener.onPlayerTeleport(Listener:0)
    at sun.reflect.GeneratedMethodAccessor111.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
    at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
    at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:459)
    at org.bukkit.craftbukkit.entity.CraftPlayer.teleport(CraftPlayer.java:347)
    at org.bukkit.craftbukkit.entity.CraftEntity.teleport(CraftEntity.java:167)
    at com.cypherx.xauth.PlayerDataHandler.restoreData(PlayerDataHandler.java:203)
    at com.cypherx.xauth.PlayerManager.unprotect(PlayerManager.java:173)
    at com.cypherx.xauth.listeners.xAuthPlayerListener.onPlayerQuit(xAuthPlayerListener.java:86)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:616)
    at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:301)
    at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
    at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:459)
    at net.minecraft.server.ServerConfigurationManager.disconnect(ServerConfigurationManager.java:179)
    at net.minecraft.server.NetServerHandler.disconnect(NetServerHandler.java:158)
    at org.bukkit.craftbukkit.entity.CraftPlayer.kickPlayer(CraftPlayer.java:220)
    at com.cypherx.xauth.xAuthScheduler$2.run(xAuthScheduler.java:28)
    at org.bukkit.craftbukkit.scheduler.CraftWorker.run(CraftWorker.java:34)
    17:11:50 [INFO] This error is logged only once: it could have occurred multiple times by now.
    17:11:50 [INFO] Please contact one of the authors of plugin 'xAuth': CypherX
     
  29. Offline

    rareshutzu

    Quick question: How do I let 2 brothers play on the server at the same time? It won't let one of them register because his ip is registered with his brother account.
     
  30. Offline

    Heliwr

    Increase account-limit to 2.
     
  31. Offline

    rareshutzu

    Thank you very much!
     
Thread Status:
Not open for further replies.

Share This Page