Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline


    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page:

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel ( #LoveDespite) or toss me a message at Until we meet again, stay gold. Bang.


    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.

    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
  2. Offline


    Is authurl.enabled set to true in the configuration?
  3. Offline


    Are you serious? aka yes -.-'
    I am usin this since this function is out, i even wrote a bridge to joomla and phpbb, while you were absent..
    Even if url is set to an plain HTML "YES" page nothin happenins on /login PW
  4. Offline


    how i enable force-single-session,
    and is it secure now - without spout,
    when using 1.2.5-R1.3 ?

    (spout makes a little problem, it disable oreobfuscator anti x-ray)
  5. Offline


    Is it possible for non-premium players to create their own names? Like what AuthPlayer does.
  6. Offline


    i have problem, when new people join my server it says that they cannot register any more accounts.Help!!!
  7. Offline


    When you say "nothing happens" when /login is used, does that mean that it doesn't respond at all or does it output a message?

    Not yet, I plan to release an update this weekend that will enable that for all servers running 1.2.5-R1.3.

    This plugin does exactly what AuthPlayer does but has more features and is more secure.

    Change the registration.account-limit configuration option.
  8. Offline


    You could make this converter AuthMe to xauth?
  9. Offline


    How can solve this problem?


    Something went wrong while logging you in!!!!!!

    How to solve this error?

  10. Offline


    Nothing happens. Means nothing happens. No console entry, no chat entry, nothing.

    Check your console output.. Probably wrong SQL credentials.
  11. Offline


    thanks :D
  12. Offline


    You could make this converter AuthMe to xauth?
  13. Offline


    That means that either the command isn't be registered or it's being blocked by another plugin.

    1. Re-download the plugin to make sure it isn't corrupt.
    2. If that doesn't work, use /pl in-game to verify that xAuth is listed and green.
    3. If the previous step is true, make sure you aren't using another plugin that could be blocking the command from being executed.
  14. Offline


    i had this problem in the past
    what was caused by Tim the enchanter plugin,
    was the corrupted database...
    i know this is fixed now, but was the same error


    check your database for corrupted entrances
  15. Offline


    Please HELP MY Using xAuth 2.0.7 and have this problem..>
    When using > /xauth location set global , and any player go to nether and logout>> SAY HIM "INTERNAL SERVER ERROR" and spam in console this problem.... Please Help my.. And when i don't set Location (global)>> all NEW PLAYER Respawning ON RANDOM PLACE... please help me >>
    My email : [email protected]
    skype : dcshoeoo
  16. Offline


    As i said, i already recreated the tables and as i said aswell my plugins are:
    BUT a'm usin xauth with the db (no authurl) now, while this whole authurl isnt working, and the /login command works fine with that....
  17. Offline


    i have next problem: when i open mysql server it close without any commands
    anybody haelp me?
  18. Offline


    You could make this converter AuthMe to xauth?
  19. Offline


    Nothing changed with AuthURL from the version you were using to the latest version and like I said, it's only happening to you so I have no idea what's wrong.

    Spamming my thread will accomplish nothing besides pissing me off. Fuck off kid.
  20. Offline


    Please help my with this problem :(((
  21. Offline


    Thats why i ask you to send me your example php... ive seen sum stuff (like ip as postparameter?!) in the code which seems to be not in my script yet..
  22. Offline


    How to improt password database, from authme to xauth?
  23. Offline


    Updated to version 2.0.8:
    • All spawn location issues should be fixed.
    • Internal Server errors while joining should be fixed.
    • Reverse-enforce-single-session fully re-implemented for those using CraftBukkit 1.2.5-R1.3 or later.
    A note on reverse-enforce-single-session:
    The full re-implementation of this feature is the result of a fixed bug in CraftBukkit 1.2.5-R1.3. If your server is running CraftBukkit 1.2.5-R1.3 or later, grab the second download (2.0.8b), otherwise grab the first download (2.0.8a). Using the incorrect xAuth build can and will allow your server to be exploited. Also, there's no configuration option to disable it. One can be added if requested.

    xAuth Importer has also been updated to add support for importing from AuthMe. See this page for more information.
  24. Offline


    SQL problem when upgrading from 2.0.4 to 2.0.8.


    I think I've fixed it. I just removed all of the tables except for accounts. It failed to create the accounts table obviously, but it create the other tables just fine. On a side note... I notice that the locations and playerdata tables are seldom used. Actually, I had nothing in my locations table after running for about a month. Is this normal? I'm guessing that they only store temporary data, but I just want to make sure something's not horribly wrong here. Thanks for making my job tons easier Cypher!
  25. Offline


    What did you do to your DBVERSION file?
  26. Offline


    wowowo thx for importer :D
  27. I need xAuth for beta 1.5
  28. Offline


    why is this not on bukkitdev ?

    is this safe to use ? Ive got exploited once with xAuth , now i was using AuthMe reloaded witch isnt updated and its causing some issues.

    Thanks alot for the attention !
  29. Offline


    wow this is awesome.
    thaks for readding force singlesession :)


    it is safe
  30. Offline


    BukkitDev & Curse are trash so I refuse to use them. Yes it's safe, there aren't any known issues at this time.
  31. Offline


    You'd finally write this converter? Sorry for the spam, but many people want to go with authme for your plugin
Thread Status:
Not open for further replies.

Share This Page