xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+]) Download v2.0.10 lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/ Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang. ------------------------------------------------------------------ xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires. Video Tutorial | Commands & Permissions | Configuration | Messages | Translations | Source | Donate! Features Before registering/logging in, players cannot: Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items. Break or place blocks Receive or give damage, be targeted (followed) by hostile mobs Inventory and location protection In-depth setting and message configuration Persistent login sessions through server restarts Player name filter and password complexity configuration Kick non-logged in (but registered) players after a configurable amount of time Bukkit Permissions support Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries Custom, highly secure password hashing H2 and MySQL support Authentication over URL (AuthURL) allows for connection to forum or website databases Changelog (click for full changelog) Version 2.0.10 [Fixed] Exploit to completely bypass login system. [Fixed] xAuth commands not working with Rcon [Fixed] Exploiting login system to avoid fire & drowning damage. [Fixed] NPE caused by player connecting & disconnecting during same server tick. [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero. [Fixed] Exploiting location protection after dieing to return to the spot of death. Version 2.0.9 Added several reverse single session configuration options. Fixed registration.forced: false not working. Updated version check and H2 download links. xAuth Importer xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.