Inactive [SEC] xAuth v2.0.10 - Extra Authentication [1.2.5-R1.3+]

Discussion in 'Inactive/Unsupported Plugins' started by CypherX, Mar 15, 2011.

Thread Status:
Not open for further replies.
  1. Offline


    xAuth v2.0.10 - (CraftBukkit build: [1.2.5-R1.3+])
    Download v2.0.10

    lycano is taking over the development of xAuth as I no longer have the time nor the will to continue working on it. Please see the BukkitDev page:

    Thanks to everyone who has showed support for me and xAuth over the past 17 months. It's been 'fun'. If for any reason you need to contact me, stop by my IRC channel ( #LoveDespite) or toss me a message at Until we meet again, stay gold. Bang.


    xAuth is a plugin designed with a single task in mind: protect a server and its players while running in offline-mode. The basic idea of this protection is allowing players to register an account based on their player name and a supplied password. When a registered player connects to the server, that player will be prompted to authenticate his or herself by logging in. If and only if a valid password is supplied, they will regain full control of their account until their session expires.

    • Before registering/logging in, players cannot:
      • Chat, execute commands, interact with objects (levers, chests, etc.), move, or pickup items.
      • Break or place blocks
      • Receive or give damage, be targeted (followed) by hostile mobs
    • Inventory and location protection
    • In-depth setting and message configuration
    • Persistent login sessions through server restarts
    • Player name filter and password complexity configuration
    • Kick non-logged in (but registered) players after a configurable amount of time
    • Bukkit Permissions support
    • Kick or temporarily lockout the IP address of a player who fails to log in after a configurable amount of tries
    • Custom, highly secure password hashing
    • H2 and MySQL support
    • Authentication over URL (AuthURL) allows for connection to forum or website databases
    Changelog (click for full changelog)
    • Version 2.0.10
      • [Fixed] Exploit to completely bypass login system.
      • [Fixed] xAuth commands not working with Rcon
      • [Fixed] Exploiting login system to avoid fire & drowning damage.
      • [Fixed] NPE caused by player connecting & disconnecting during same server tick.
      • [Fixed] 'Table "SESSIONS" not found' error when a player uses /logout while session length is set to zero.
      • [Fixed] Exploiting location protection after dieing to return to the spot of death.
    • Version 2.0.9
      • Added several reverse single session configuration options.
      • Fixed registration.forced: false not working.
      • Updated version check and H2 download links.
    xAuth Importer
    xAuth Importer is a tool used to import accounts from previous versions of xAuth as well as other authentication plugins. Click here for more information.
  2. Offline


    pleas read last 5 pages in this forum for your ansver... We talking about it few days.
    or read this:

    but you have to use version 2.0.17
    Just read!

    Are you going to create some todo list (after debugging of course! ;))? I have some little requests :)
  3. Offline


    lycano, could you also make some human readable changelog file where your xAuth builds are ?
  4. Offline


  5. Offline



    What do you think about creating a BukkitDev page or at least a nice GitHub repo with download link for binaries and Issue tracker?
    It is hard to find the download link in this big thread (for those who haven't found it: and to keep track about issues and expolits.
  6. Offline


    You deleted the DBVERSION file which contained informations about the last step taken during the update procedure. Please follow this steps:

    1) DROP/RENAME all tables for that database (you can still make a backup of the structure and reimport later)
    2) delete DBVERSIONS file in xAuth folder
    3) start Server

    This should recreate all needed tables. If you did correcly entered your creditionals for your mysql connection this should work.

    portapipe would you please read the error at least? your table account still exists and i told you numerous times what to do. Your issue has nothing to do with the any x > 2.0.12 builds.

    DJTommek ... why do you recommend .17? Also, yes i do have a roadmap i can publish

    APlusMalware not everyone do use a dev build. Plus this is compiled against RB not dev builds. PlusPlus in my opinion the quit command is a feature that was missing.

    "Dev Bukkit" is on my todo

    If you type /xauth version you will find all instructions in your server.log file. This will also show when there is a new version available and you start the server (auto version check has to be enabled for this feature).

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
    Last edited by a moderator: Jul 17, 2016
  7. Offline


  8. Offline


    I did what you sad, deleted the dbversion file with server off and restart it. The errors was that.
    I don't know java code, php and mysql ok but not java, so I can't understand what is the issue.
    I just want to make all run fine.
  9. Offline


    portapipe oke lets try again =) you do use h2 as database. You would need to edit the file with an H2 Database editor then delete the tables manually.

    In the future i will implement a dump, init feature so you can reset the whole plugin to its default values. But for the time beeing you have to delete the table by yourself. Alternatively delete the xAuth db file in xAuth plugin dir and DBVersion. As i did see many problems with that i think i will move DBVersions file into a table or think of ways to prevent this and make it user friendly.

    Note: If you follow this instructions this will also delete all registered users and passwords!

    Thanks Silentx88 for posting the link.

    Whats the recomendation? Check for CB version and execute the restore on quit? Cause thats the only way i can think of to prevent this error till the next RB is out. You can and should use 2.0.19 with 1.3.1R1.0

    Anyways i will copy that to docu on dev.bukkit when its created.
    "Use R1.1 if you want to just close the client"
    "Use R1.0 if you can life with fact that a simple /quit has to be executed before closing the client"

    Regards, lycano

    EDIT by Moderator: merged posts, please use the edit button instead of double posting.
    Last edited by a moderator: Jul 17, 2016
  10. Offline



    Is it possible that registered players will be automatically moved to another group? For example from guest to member

  11. Offline


    Can you go back and look at my post again as I did put a edit in with some new error code, dunno if its the same error but can you check and I'll try this shortly and get back to you, thanks.
  12. Offline


    The recommendation is upgrade this to a dev build which so you can close the client, and tell people to use a dev build. You trying telling your players to /quit before leaving. HAHA. Not happening.
  13. Offline


    may I request a 1.3.1 minecraft version of xAuth?
  14. Offline


    Just because few posts before it someone publish so I think he tested it ;)

    After 15 hours it don't wipe any inventory :)

    I can't wait on TODO list :)
  15. Offline


    Ok, I haven't saw the "open manually the h2 db file" and I have to do that tomorrow.
    I need to know if the "Note" line affect this method. If I delete the tables that makes errors, what happen to all my users data?
    Maybe I'm a little bit tired so I can skip some step.

    (1 more question) What about the h2 conversion to mysql?
  16. Offline


    portapipe im implementing the backend later i guess cause its reaaaaally not that easy atm. I would like to focus on stability first before doing that kind of stuff.

    if you delete any table your data ist lost. I even lost what you want to accomplish maybe you simply accidently deleted DBVERSIONS file at some time. So a short description of what is your real problem would be nice.
  17. Offline


    i was compiled xAuth with 1.3.1 support API Update AsnyncPlayerChatEvent and some aditional things with mysql and it works grate :) on my public server good luck lycano :)
  18. Offline


    This plugin has been taken over and the new developer has requested that this thread be locked and any future inquiries be directed to the BukkitDev page:
Thread Status:
Not open for further replies.

Share This Page