Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page:

    Thanks to everyone who has shown support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel (#LoveDespite) or toss me a message at Until we meet again, stay gold. Bang.


    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate himself or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.

    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pick up items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lock out the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dying to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
    I got kicked again when someone logs in with my name

      reverse: true
        reverse: false
    That is the default, is it wrong?
    [quote uid=90678878 name="mert" post=1121115]That's my Turkish translation for this plugin.

    <Edit by Moderator: Redacted mediafire url>

    Can you put this into the plugin in the next update? So many Turkish servers are using xAuth.
    They will be happy.[/quote]
    You didn't translate half of it.

    [quote uid=90658902 name="iKrzysiek" post=1122499]Is any way to integrate xAuth with Wordpress accounts?[/quote]
    Yes, write a script to use with AuthURL.

    [quote uid=101574 name="harry2258" post=1122590]I keep getting this error
    Isn't it supposed to make the tables automatically?[/quote]
    It does if set up correctly. Did you update from an older version?

    [quote uid=16430 name="zok" post=1122768]Latest build v2.0.9 doesn't download the needed library, can't get the error msg at this very moment[/quote]
    Yes it does. Click here if you still need it.

    My life does not revolve around you or this forum. Acting like an impatient kid and posting multiple times in the same day will do nothing but piss me off and get you ignored.

    Also, your name, font choice, and writing style are obnoxious.

    Were you logged in or out when this occurred?
    I was logged in ...
    Oh, am I becoming a guest when the session is over?
    No, your session expiring while on the server doesn't make you a guest. It worked fine during my tests so that's weird. When I get home from work I'll test it some more, unless you want to try to reproduce it and report back what you find.
    Hello. I have a problem! When a player is online and another connects with the same nick but a different IP, the player gets an error that "You logged from another location" or something like that. Then the player loses items!! Help please, what should I do?? Players are getting mad when they keep dc'ing and losing items :(

    P.S. Sorry for bad English!
    I want to connect xAuth and Wordpress user accounts in one MySQL database. Accounts from Wordpress are in one table in some columns, but in the xAuth config I must specify some tables for every data.
    Good riddance. Enjoy using a plugin that is less secure, has fewer features, and written by amateurs.

    AuthURL can be used to connect to the Wordpress database and read accounts from there but xAuth still requires its own tables to function.

    I think over 200,000 downloads slightly disagrees with you. By the way, xAuth is one of the easiest plugins to use, you just drop the .jar in the plugins directory. If you can't get it working you probably shouldn't be running a server.

    I cannot reproduce it either,
    but I was logged in for 2 or 3 hours when that happened.

    Maybe it was/is a time bug that only happens in rare cases;
    when I try with 2 clients it's all fine.
    It would be great if you add that everyone can select what column he wants to use for the password, username, id, etc.

    like the table names in the config


    So it's very easy to use it with lots of CMSs; you only have to change the hashing method of the CMS to the same as xAuth's.
    I had an older version but I accidentally deleted the SQL data, so I deleted the xAuth folder and started over.
    Well, I've used this plugin many hundreds of times and never had any problems with it. I started out with a clean jar of CraftBukkit's latest release and a fresh dl of xAuth, connected to my ssh and ftp, started the server, and it started leaking tears because it couldn't get the needed library :(
    Manifest-Version: 1.0
    Built-By: Zach
    Build-Jdk: 1.7.0_02
    Class-Path: ../lib/h2-1.3.164.jar
    Created-By: Apache Maven
    Archiver-Version: Plexus Archiver

    CypherX, I've downloaded 2.0.9 and it was all OK.

    Is there a permission node to let players change their own password, and not everyone else's too?
    I seem to be getting the same errors as harry2258. It gives me errors about it not having the required tables, and won't seem to make the tables itself. Any ideas?
    When is down, how can I change my username? I play as play offline because is down, but my friends can't join? Anyone?
    Is eq also lost in this plugin like in AuthMe?

    How to disable last login session?

    I have a small suggestion/request:

    display in chat when someone registers or logs in successfully,
    like it actually is in console/log
    [xAuth] Dave has logged in

    but for OP only or based on permissions.

    That would be helpful.
    CypherX, great plugin! Everything is working great.

    I do have sort of a bug report for ya:
    On my server, we are exploring the Nether a great deal and often times a user will log out while in a safe place in the Nether without returning to the Overworld first. It seems that the "logged out" location in the Nether happens to be a huge pit of lava. So while the user is trying to login, his avatar is burning up. Once he logs in he is brought back to the place where he last logged out, however he is still on fire. It's so bad that the user will actually die since the fire will not go out.

    [EDIT] I figured out how to set the spawn location so at least now we aren't spawning in lava =] [/EDIT]

    Thanks, keep up the good work!
    Bug in reverse single session. When a second user connects to the server he gets kicked with the msg "Already online". But the first user (in game) gets his chat frozen after that.
    All players can do that by default.

    Use a cracked client.

    Maybe. I'll add it to my list of possible things to implement.

    I can make it extinguish the fire when they log in but that could be exploited, but yeah, the location feature is used to move where the player goes when not logged in.

    Frozen chat? Weird. I'll look into it.

    Oh yeah, I started playing the ArmA II DayZ mod this weekend. I may not be as active for a while.
    Can you add support for CombatTag?
    Still no Authurl doc huh?!
    No access to phpmyadmin? If you know username and password, and have access to adding removing website files, you can access sql.
    Donated! :cool: (Ironic, huh?)

    A different plugin (SlotGroups) was causing reverse enforce single session to not work. I got rid of it for now.

    Can you save their "burn state" when they logout and restore it upon logging in? Similar to the way player location is saved and restored..
    The guy who developed AuthURL is busy in real life so he hasn't had time to write up the documentation.


    I plan to do this for the next update.


    Will it work with FirstJoinPlus? I want to set another spawn for players who have joined the server for the first time.
    FIX THIS DAMN PLUGIN !!!!!!!!!!!! ITS SOOOOOOOOOO UNSTABLE !!!@!11 Everything worked great for like a month, and randomly one day login/register stopped working. All server griefed........ Since nothing will fix my map, AT LEAST MAKE IT STABLE.


    Some old users connected right when the plugin glitched out, a possibility of a hack?
    I believe you're experiencing an ID10T error.
