Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline

    CypherX

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page: http://dev.bukkit.org/server-mods/xauth/

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (irc.rizon.net #LoveDespite) or toss me a message at http://love-despite.com/forum. Until we meet again, stay gold. Bang.

    ------------------------------------------------------------------​

    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.


    Features
    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
     
  2. Offline

    Mentalist

    Code:
    05.11 17:40:45 [Disconnect] User eliasmg has disconnected, reason: unknown
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:471)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.NetworkListenThread.a(SourceFile:94)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:46)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.NetworkManager.b(NetworkManager.java:226)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.Packet1Login.a(SourceFile:59)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.NetLoginHandler.a(NetLoginHandler.java:80)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.NetLoginHandler.b(NetLoginHandler.java:121)
    05.11 17:40:45 [Server] INFO     at net.minecraft.server.ServerConfigurationManager.c(ServerConfigurationManager.java:129)
    05.11 17:40:45 [Server] INFO     at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:339)
    05.11 17:40:45 [Server] INFO     at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:58)
    05.11 17:40:45 [Server] INFO     at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:260)
    05.11 17:40:45 [Server] INFO     at com.cypherx.xauth.listeners.xAuthPlayerListener.onPlayerJoin(xAuthPlayerListener.java:68)
    05.11 17:40:45 [Server] INFO     at com.cypherx.xauth.xAuth.createGuest(xAuth.java:270)
    05.11 17:40:45 [Server] INFO     at com.cypherx.xauth.xAuth.protect(xAuth.java:286)
    05.11 17:40:45 [Server] INFO java.lang.NullPointerException
    What's going on here? this is read from the buttom up.
     
  3. Offline

    Temaska

    On player join I have this error:

    Code:
    2011-11-06 11:33:13 [SEVERE] [xAuth] SQL query failure [write] (INSERT INTO `sessions` VALUES (?, ?, ?))
    com.mysql.jdbc.exceptions.jdbc4.MySQLIntegrityConstraintViolationException: Cannot add or update a child row: a foreign key constraint fails (`minecraft`.`sessions`, CONSTRAINT `sessions_ibfk_1` FOREIGN KEY (`accountid`) REFERENCES `accounts0` (`id`) ON DELETE CASCADE)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
        at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
        at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
        at java.lang.reflect.Constructor.newInstance(Unknown Source)
        at com.mysql.jdbc.Util.handleNewInstance(Util.java:407)
        at com.mysql.jdbc.Util.getInstance(Util.java:382)
        at com.mysql.jdbc.SQLError.createSQLException(SQLError.java:1039)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3593)
        at com.mysql.jdbc.MysqlIO.checkErrorPacket(MysqlIO.java:3525)
        at com.mysql.jdbc.MysqlIO.sendCommand(MysqlIO.java:1986)
        at com.mysql.jdbc.MysqlIO.sqlQueryDirect(MysqlIO.java:2140)
        at com.mysql.jdbc.ConnectionImpl.execSQL(ConnectionImpl.java:2626)
        at com.mysql.jdbc.PreparedStatement.executeInternal(PreparedStatement.java:2111)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2407)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2325)
        at com.mysql.jdbc.PreparedStatement.executeUpdate(PreparedStatement.java:2310)
        at com.cypherx.xauth.database.Database.queryWrite(Database.java:90)
        at com.cypherx.xauth.database.DbUtil.insertSession(DbUtil.java:89)
        at com.cypherx.xauth.xAuth.login(xAuth.java:361)
        at com.cypherx.xauth.commands.RegisterCommand.onCommand(RegisterCommand.java:59)
        at org.bukkit.command.PluginCommand.execute(PluginCommand.java:40)
        at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:163)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:358)
        at net.minecraft.server.NetServerHandler.handleCommand(NetServerHandler.java:757)
        at net.minecraft.server.NetServerHandler.chat(NetServerHandler.java:722)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:715)
        at net.minecraft.server.Packet3Chat.a(Packet3Chat.java:33)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:226)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:92)
        at net.minecraft.server.NetworkListenThread.a(SourceFile:108)
        at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:471)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
     
  4. Offline

    webik

    what is this?
    Show Spoiler
    Code:
    11:52:09 [INFO] [xAuth] 'Permissions' v3.1.6 support enabled!
    11:52:10 [INFO] [xAuth] Connection to database established!
    11:52:10 [INFO] [xAuth] Updating database..
    11:52:10 [SEVERE] [xAuth] SQL query failure [write] (ALTER TABLE `strikes` DROP
    COLUMN IF EXISTS `host`)
    org.h2.jdbc.JdbcSQLException: Column "IF" not found; SQL statement:
    ALTER TABLE `strikes` DROP COLUMN IF EXISTS `host` [42122-155]
            at org.h2.message.DbException.getJdbcSQLException(DbException.java:327)
            at org.h2.message.DbException.get(DbException.java:167)
            at org.h2.message.DbException.get(DbException.java:144)
            at org.h2.table.Table.getColumn(Table.java:585)
            at org.h2.command.Parser.parseAlterTable(Parser.java:4818)
            at org.h2.command.Parser.parseAlter(Parser.java:4281)
            at org.h2.command.Parser.parsePrepared(Parser.java:302)
            at org.h2.command.Parser.parse(Parser.java:275)
            at org.h2.command.Parser.parse(Parser.java:247)
            at org.h2.command.Parser.prepare(Parser.java:201)
            at org.h2.command.Parser.prepareCommand(Parser.java:214)
            at org.h2.engine.Session.prepareLocal(Session.java:427)
            at org.h2.engine.Session.prepareCommand(Session.java:375)
            at org.h2.jdbc.JdbcConnection.prepareCommand(JdbcConnection.java:1088)
            at org.h2.jdbc.JdbcPreparedStatement.<init>(JdbcPreparedStatement.java:7
    1)
            at org.h2.jdbc.JdbcConnection.prepareStatement(JdbcConnection.java:241)
            at com.cypherx.xauth.database.Database.queryWrite(Database.java:85)
            at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:61)
            at com.cypherx.xauth.database.DbUpdate.update(DbUpdate.java:39)
            at com.cypherx.xauth.xAuth.onEnable(xAuth.java:101)
            at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:126)
            at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader
    .java:941)
            at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManage
    r.java:280)
            at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:174)
            at org.bukkit.craftbukkit.CraftServer.enablePlugins(CraftServer.java:157
    )
            at org.bukkit.craftbukkit.CraftServer.reload(CraftServer.java:416)
            at org.bukkit.Bukkit.reload(Bukkit.java:182)
            at org.bukkit.command.defaults.ReloadCommand.execute(ReloadCommand.java:
    22)
            at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:16
    3)
            at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:3
    58)
            at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:3
    54)
            at net.minecraft.server.MinecraftServer.b(MinecraftServer.java:506)
            at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:485)
            at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
            at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    11:52:10 [SEVERE] [xAuth] Database update (3 -> 4) failed!
    11:52:10 [INFO] [xAuth] v2.0b4.3 Disabled!
     
  5. Offline

    Keetveter

    It's sad CypherX doesn't comment on things posted here :(
     
  6. Offline

    robxu9

    Hi

    Can you update your authURL example script for SMF? I have the base of it down, but because it keeps checking smf_themes, it keeps failing :( I tried removing that part, but it threw warnings...
     
  7. Offline

    enkious

    If nobody is going to help me with freakin mysql.
    Then can someone tell me the location to find the email and passwords people have registered with???
     
  8. Offline

    kropto

    Code:
    00:50:09 [SEVERE] [xAuth] SQL query failure [read] (SELECT a.*, s.* FROM `accounts` a LEFT JOIN `sessions` s ON a.id = s.accountid WHERE `playername` = ?)
    com.mysql.jdbc.exceptions.jdbc4.CommunicationsException: Communications link failure
    http://pastebin.com/2QezRHqF
     
  9. Offline

    moparisthebest


    It's correct if the username you want to check is an additional field called 'Minecraft Name' or something similar, if you want to instead check the actual username, feel free to modify it to do that.
     
  10. Offline

    SulimirCular

    I've got a problem..
    XAuth wont create the mqsql tables.

    Code:
    2011-11-07 12:10:11 [INFO] [xAuth] 'Permissions' v2.7.2 support enabled!
    2011-11-07 12:10:12 [INFO] [xAuth] Connection to database established!
    2011-11-07 12:10:12 [SCHWERWIEGEND] [xAuth] SQL query failure [write] (DELETE FROM `sessions` WHERE NOW() > ADDDATE(`logintime`, INTERVAL 3600 SECOND))
    com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table 'd011228b.sessions' doesn't exist
    2011-11-07 12:10:12 [SCHWERWIEGEND] [xAuth] SQL query failure [read] (SELECT * FROM `tele_locations`)
    com.mysql.jdbc.exceptions.jdbc4.MySQLSyntaxErrorException: Table 'd011228b.tele_locations' doesn't exist
    2011-11-07 12:10:12 [SCHWERWIEGEND] Error occurred while enabling xAuth v2.0b4.3 (Is it up to date?): null
     
  11. Offline

    hqSparx

    how can i switch from authme to xauth? i want to prevent users from logging on anothers nicks
     
  12. Offline

    jespertheend

    So, when verifyip is set to true, you don't have to tell your password unless when you're on another ip?
    Or do I have to change another setting?
     
  13. Offline

    robxu9

    How would I be able to do that? It's just simply not working any way I modify it. :-\
     
  14. Offline

    enkious

    How can i Find my Users, and passwords??????
    Anyone????

    All passwords are hashed? wtf..
    is there a plugin where i can give a password i Designate someone?

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
     
    Last edited by a moderator: Jul 17, 2016
  15. @up

    Unfortunately, it's true and I don't know what i should do now.

    Any alternative?
     
  16. Offline

    Ziden

    Im onlt accepting original accounts.​
     
    vaverix likes this.
  17. Perhaps this is the only way at the moment.
    So now im waiting for plugin update.
    Thanks.
     
  18. Offline

    The Wizard

    @CypherX
    In the next update please force players to enter with the exact name they have register.
    If a player register with Player_Name and login with player_name I have some problems with other plugins.
     
  19. Offline

    jespertheend

    What dit I do wrong?

     
  20. Offline

    Krazy

    Code:
    2011-11-11 14:10:25 [SEVERE] [xAuth] SQL query failure [write] (INSERT INTO `strikes` VALUES (?, ?, ?))
    org.h2.jdbc.JdbcSQLException: Column count does not match; SQL statement:
    INSERT INTO `strikes` VALUES (?, ?, ?) [21002-159]
        at org.h2.message.DbException.getJdbcSQLException(DbException.java:329)
        at org.h2.message.DbException.get(DbException.java:169)
        at org.h2.message.DbException.get(DbException.java:146)
        at org.h2.message.DbException.get(DbException.java:135)
        at org.h2.command.dml.Insert.prepare(Insert.java:226)
        at org.h2.command.Parser.prepareCommand(Parser.java:218)
        at org.h2.engine.Session.prepareLocal(Session.java:415)
        at org.h2.engine.Session.prepareCommand(Session.java:364)
        at org.h2.jdbc.JdbcConnection.prepareCommand(JdbcConnection.java:1119)
        at org.h2.jdbc.JdbcPreparedStatement.<init>(JdbcPreparedStatement.java:71)
        at org.h2.jdbc.JdbcConnection.prepareStatement(JdbcConnection.java:267)
        at com.cypherx.xauth.database.Database.queryWrite(Database.java:85)
        at com.cypherx.xauth.database.DbUtil.insertStrike(DbUtil.java:145)
        at com.cypherx.xauth.commands.LoginCommand.onCommand(LoginCommand.java:52)
        at org.bukkit.command.PluginCommand.execute(PluginCommand.java:40)
        at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:163)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:355)
        at net.minecraft.server.NetServerHandler.handleCommand(NetServerHandler.java:757)
        at net.minecraft.server.NetServerHandler.chat(NetServerHandler.java:722)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:715)
        at net.minecraft.server.Packet3Chat.a(Packet3Chat.java:33)
        at net.minecraft.server.NetworkManager.b(NetworkManager.java:226)
        at net.minecraft.server.NetServerHandler.a(NetServerHandler.java:92)
        at net.minecraft.server.NetworkListenThread.a(SourceFile:108)
        at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:471)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    2011-11-11 14:10:27 [INFO] /189.7.98.145:52123 lost connection
     
  21. @CypherX
    I am not sure if this was already discussed, but I was wondering if you could provide some help on something I am working on. I have a php script that I am building to use with my website, I want to compare hashes of the passwords between the database and user input via the website for verification. How would I build the hash string in php to get the same results as your xauth plugin?
     
  22. Offline

    BarelyMissed

    https://github.com/CypherX/xAuth/wiki/Password-Hashing

    If you scroll down to "PHP Function" he provides you with a function you can call in your php script. :)
     
  23. Thanks @BarelyMissed. I can't believe I didn't find that myself, it's right on his GitHub.
     
  24. Offline

    ShootToMaim

    I don't like how with this plugin, you have to use /logout for your position to save properly.
    I mean, with AuthMe, you don't have to use this procedure.
     
  25. I've never had this issue
     
  26. Offline

    matix931

    Make it compatible with enchanting, becouse if plugin hide your eq you lose all your bonuses in tools
     
    GameFAQsRolo likes this.
  27. Offline

    Fishfish0001

    Im getting this error, and it is lagging my badly. All I did was reset the map, and this happens constantly now. It also corrupted my entire database, so I had to delete it.

    Code:
    2011-11-13 15:38:30 [INFO] [xAuth] 'Permissions' v2.7.7 support enabled!
    2011-11-13 15:38:30 [INFO] [xAuth] Connection to database established!
    2011-11-13 15:38:30 [INFO] [xAuth] Accounts: 83, Sessions: 35
    2011-11-13 15:38:31 [SEVERE] Error occurred while enabling xAuth v2.0b4.3 (Is it up to date?): null
    java.lang.NullPointerException
        at com.cypherx.xauth.util.Util.getHostFromPlayer(Util.java:86)
        at com.cypherx.xauth.xAuthPlayer.isAuthenticated(xAuthPlayer.java:47)
        at com.cypherx.xauth.xAuth.handleReload(xAuth.java:246)
        at com.cypherx.xauth.xAuth.onEnable(xAuth.java:118)
        at org.bukkit.plugin.java.JavaPlugin.setEnabled(JavaPlugin.java:174)
        at org.bukkit.plugin.java.JavaPluginLoader.enablePlugin(JavaPluginLoader.java:957)
        at org.bukkit.plugin.SimplePluginManager.enablePlugin(SimplePluginManager.java:280)
        at org.bukkit.craftbukkit.CraftServer.loadPlugin(CraftServer.java:171)
        at org.bukkit.craftbukkit.CraftServer.enablePlugins(CraftServer.java:154)
        at org.bukkit.craftbukkit.CraftServer.reload(CraftServer.java:413)
        at org.bukkit.Bukkit.reload(Bukkit.java:182)
        at org.bukkit.command.defaults.ReloadCommand.execute(ReloadCommand.java:22)
        at org.bukkit.command.SimpleCommandMap.dispatch(SimpleCommandMap.java:163)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:355)
        at org.bukkit.craftbukkit.CraftServer.dispatchCommand(CraftServer.java:351)
        at net.minecraft.server.MinecraftServer.b(MinecraftServer.java:506)
        at net.minecraft.server.MinecraftServer.h(MinecraftServer.java:485)
        at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:374)
        at net.minecraft.server.ThreadServerApplication.run(SourceFile:417)
    Using 1337 with latest xAuth. Only new plugin is EasyBans, could that have caused it?
     
  28. @CypherX
    I would like to see a command that shows the coordinates a player will be teleported to after the logging in.
    Code:
    /xauth (location|loc) (set|remove) [global]
    Maybe:
    Code:
    /xauth (location|loc) (look|set|remove) [global]
    And the second is:
    a command that compares passwords of two players.
    Example: /xauth pass <troollll> <newbie>
    Output:
    They have the same password!
    They have different passwords!
    That would help us to catch some griefers/multiaccounts.

    Please, please add it!

    UPD: I also would like to see a command that checks whether a player is registered or not.
    Thanks very much!
     
  29. Offline

    ghost0001

    probably already answered, but i cant seem to get this to work on my openSUSE distro. i installed xampp for mysql support and configured everything similar to my windows server i ran before. i keep getting an access denied for username "what ever i put"@localhost using password:YES. I have checked the password, made a new account with all permissions and checked the config.yml to be sure i typed it in correctly. i have all my lib's from my windows server. what could I possibly be missing? any help would be greatly welcome.
     
  30. Offline

    robxu9

    I use openSUSE on a daily basis. I even have a server running suse; and I've never had problems. What do you mean XAMPP for MySQL?
     
  31. Offline

    hqSparx

    please, please add support for authme's hashes / import thingy : <
     
Thread Status:
Not open for further replies.

Share This Page