News and Upcoming Changes (Archive)

The Archive

As i would like to read your comments and keep the page up to date older posts will moved here from time to time as it would clutter up the main news page.

Update as of 3rd September 2013

xAuth 2.4.0 is finally out. Please not that this release contains new permission nodes. The old permission nodes are invalid as of now. Make sure that you have a look at the plugin.yml on my github page to check how the nodes are now named.

Example: Before v2.4 we had xauth.version for the xauth version command. Now it has changed to xauth.allow.player.command.xauth.version

Alternatively you can take a look at the guest nodes in the config.yml. just replace guest with xauth and you will know what node to use. Also you can enable permission debugging via config that will help you finding the right permission for any action.

To enable this feature just execute the command "xauth config permissions.debug true" from console. After that execute "xauth reload" to apply the change. Don't forget to disable it again when you are done.

Why the change to the permission system? This is because i have adapted PermissionsEx permission node builder to allow command blocking and restrict guest commands. As i didnt want to interfere with other command blocker systems the fallback for a non-existing node is "allow". So as long as you dont define xauth.restrict.node it will always be allow.

Allow can be defined if you have multiple groups that define restrict permission. Note: you dont need to invert the permission with "-" as this would counter this method and you will get unexpected results.

Adding a user to a group is now implemented for Pex only at the moment. I didn't had time to implement it for Essentials too but i will work on it. The reason I decided to not implement it at this time is that im on vacation for one week starting from today and i didn't want it to delay any longer.

I will not have access to my workstation so please create an issue at if you find any bugs or if you have a question contact me via PM on DBO / Forums.

I will create a detailed documentation after my really needed vacation. Returning at around 10th September, continuing to work on a 1.6.2 beta release.

Update as of 26th July 2013

Update is scheduled for this Sunday. Stay tuned this update is big.

Update as of 16th May 2013

My Domain is currently not avaialble. I have contacted my Hoster and i hope that it will be back soon. Just to let you know that there is nothing to worry about.

Release is currently planned for 17th/18th.

Update: Domain is available again.

Update as of 8th April 2013

Event System is implemented and fully functional. Is the H2 to MySQL export finished? Well, I totally forgot about xAuthImporter. Instead of implementing many import routines into the plugin i have decided to not implement import or export functions into xAuth yet and updated xAuthImporter instead. If i find an efficient way to integrate import and export into xAuth it might find its way in at a later stage.

But for now xAuthImporter will do this job as you would have to shutdown the server anyways or at least make sure that the database is not under write access this is the right choice i guess.

Update as of 3rd April 2013

I have successfully tested the new restriction system and fixed some other very hard to find bugs. Also xauth reload is now working as expected. Last step is EventSystem and H2 to MySQL export.

Also the guest assign via groups now works for PermissionsEx and Essentials GroupManager. This was without any function before and can now be activated with true via config. default is false and the default group is called Novice. i removed the guest group assignment as this is redundant as most plugins offer default group assignment when not registered via permissions plugin.

Expect an update soon.

Update as of 2nd April 2013

The restriction system is implemented. I have re-done the whole permission system (took longer than i expected). If you know ModifyWorld from tehcode you will like this. A guest can now be fully restricted like you can allow that they can move but you can restrict everything else.

For example, in config set via "xauth config guest.restrict.player.move false"

  • xauth.guest.restrict.player.move: false
  • xauth.guest.restrict.player.interact: true ..

What does that mean for existing permissions? Well i didnt mentioned it in for the guest node cause i have restricted access to xauth commands only but if you are xauth admin you can restrict authenticated command usage via permissions now!

Would disallow usage of the command help. So does that mean xAuth can now block commands? Well, yes and all this is configureable via permissions.

Note that i do the permission check a bit differently. For most plugins you would do "that.specific.permission" to allow certain things and "-that.specific.permission" to deny. I have implemented a node called allow so that is not needed. You do "" only(!) if another group already has the deny node present as i do follow the Allow, Deny rule. Meaning everything that is not set via permissions is allowed. So keep in mind when you have restricted access you can overwrite this with the allow rule and only then this is needed.

How do i know what node i have to use? Well, this will be documented but the scheme should be easy to catch as it uses the event name or for blocks the name of the block. Examples:

  • xauth.restrict.player.interact.block.grass
  • xauth.restrict.player.interact.npc.merchant
  • xauth.restrict.player.damage.player.luricos and so on ..

This will be documented on my wiki at

Does the (star) wildcard permission work for subnodes? This is up to the permission system used. If you use PermissionsEx then yes. bPermissions does support that too and i guess this is standard behavior for almost any permission plugin.

Update as of 1st April 2013

The release is near but I had to reschedule the release for today as its 5am here. I did fixed many bugs that i have encountered while working on tickets. So expect a huge update (you will see when i post the changelog).

Next is:

  • EventSystem
  • Export H2 to Mysql
  • Extend new Restriction System for Guests to Block and Entity events.

Everything else like automatic group assignment will be scheduled for the version after 2.0.31 So 2.0.31 will be a pre-release and the version after that will be more fine graded. Like the resetPW feature will be replaced with another more sophisticated system.

Stay tuned!

Update as of 27th March 2013

What happened to the Ticket system?
Its migrated. For all who just arrived here i did a huge update to all of my plugin pages. Issue Tickets and Documentation is now hosted at my JIRA and Wiki intance at and

Please read older update news if you are interested in the previous changes.

Current Changes made:

  • Phased out xAuth Ticket system
  • Closed xAuth Forum on dev.bukkit as you can now create issue tickets as question. This replaces the Forum.
  • Phased out WormholeXTreme Tickets
  • Closed WormholeXTreme Forum on dev.bukkit as you can now create issue tickets as question. This replaces the Forum.
  • Phased out WormholeXTreme Worlds Tickets
  • Closed WormholeXTreme Worlds Forum on dev.bukkit as you can now create issue tickets as question. This replaces the Forum.

Finished migrating all tickets to

Update as of 25th March 2013

Thanks to Atlassian I can now continue to extend the wiki and make use of the issue system. I got my licences for JIRA and Confluence aprooved and can now provide you with a better support.

To do that i will phase out existing tickets to JIRA. You should now register at and use your forum, dev.bukkit or github username so i can cross reference it and accept the account.

You will be able to directly create an issue after you registered and logged in.

The documentation at can be viewed anonymously but for features like the live chat you can simply log in with your existing account.

In the meantime stay tuned. The update for xAuth will be out soon. Better be prepared for all new changes!

Update as of 23nd March 2013

Hi guys, you might wonder why there is no new version out yet. Let me enlighten you.

As i dont like the ticket system on dev.bukkit i have worked hard these days to fix that issue.

Why i dont like it? Well, the ticket system used here is not ment for issue tracking its a simple ticket system that does allow you to post your problems. But what it lacks most is that you dont have an exact overview about your own tickets.

You simply have to check your tickets over and over if there is any update. This can be frustrating (for me it is). And because i want to make you happy, get more response from what you need and how you feel about the plugin and its features i have installed JIRA and confluence on my host.

JIRA as you may know is one of the leading issue tracking systems and you may know it from

Confluence can be seen as wiki but its main purpose is "Documentation-System".

As i really want to give you more details about the plugin "how it works" and "how you can use it", thats the place where you will get help in the future.

Sadly there is a small problem. Im currently on 30 days trial and i have registered for the open source licence. So lets hope that i met the requirements and that i can use it for free in a non-commercial license. If not then well lets not think about that =)

As JIRA does have a connector to my IDE IntelliJ i will then be able to look at tickets from within my IDE and set the status in an instant so you can see what im working on at any time on my JIRA. You have a direct overview about your posted issues and if you like set it to auto refresh so that you wont miss any updates on your ticket.

Im currently working on migrating the documentation to the wiki so you will be able to view later on. As i want to focus on plugin release please be patient as this is a WIP.

When this is all done you can simply search for a keyword and hopefully you will get a result. Im also planning on posting example usages for all my plugins to give you a head start and a perfect overview about "What can the plugin do and how it can be used from my point of view".

"Why do you do that? We want the plugin out right now!" Well this was a hard decision but i really need a good project management up and running and JIRA can do that without your input my plugins are pretty much useless. The plugin will get bigger and bigger in the future as i have some plans in the backhand that you may like.

A good example by the way. If i have something to tell then i can reach you better. When you register with your email i can send a mail to all of you, if you want. Of course this would be also available in the news feed that can be checked out with RSS or via visiting JIRA.

Besides that the update check system would be nearly needless as you can check via RSS if there is a new version available or if possible you would receive email notification about a new version.

While im working on the new version you may concider registering now so i can set you into the right user group as i have set up restricted access to newly registered users because of a possible spam attack that may come in when i post the link here now.

When you register you can only view stuff but dont post. As soon as i will get notified about a new registration (also i will periodically check for it) and set you in the right group so you can create an issue.

For the meantime issue creating is disabled as i want to migrate the existing tickets first to JIRA. After this is done i will grant access to creating tickets.

A note when registering: You should not use trashmails as i may filter them because they can be used for spam attacks. Also note that the email address is checked for an existing gravatar. So when you want to have your account linked to your gravatar account use that email-address.

Im not interested in your personal details. You can fill out what you like but it may help me if you use either your Accountname or the bukkit forums name so i can cross reference a valid account.

That said i hope you like this upcoming change.

Here are the links JIRA: WIKI:

If you like this feel free to leave me a message here or at JIRA.


Besides fixing bugs and optimizing the code i have implemented some new features.

  • Export from H2 to MySQL via textdump
  • added permission nodes for all commands
  • new reset password mechanism

For detailed informations check the upcoming changelog for v2.0.31

New reset password mechanism

You can now reset your password, if did lost your pasword, via a unique way of identifing yourself. All users would have to set this secret message once they have authenticated themselfs with the system.

Admins will then be able to reset the password via /xauth resetpw <user> [pwtype] This command has an optional field called pwType. For all who didn't know you could change the field inside the database to a supported PasswordType. The password can then be changed changed via changepw to ensure that the password is correctly encrypted otherwise the user would not be able to login.

New password handling

I changed the way xauth handles passwords during login. Before any changed pwType would always result in having a xAuth password stored. Meaning even if you would change it to MD5 and set the correct hash the password would be re-encrypt (as we know the login password if it matches) to xAuth whirlpool.

I have made this configureable. Default is now "leave it untouched" meaning if you are in mysql or h2 mode you can set the password and pwType via db so you can "create a custom view" for your database to let users login to your forum with their xAuth account.

Updating the documentation

Knowing that the github wiki is kinda old i will try to upgrade it in the future. Im currently focusing on testing the plugin.

Upcoming feature

This will be probably a long term process but im planning to switch any user input (including admin commands) to make use of the conversation API. This will always make sure that no slash command will be visible to chat.

In a short term perspective i will probably first switch to a more advanced command manager and redesign the command structure to a more grouped one.

Ah, one thing i have for you. I plan to release a new plugin that can hook into xAuth directly to control all commands without even typing. Checkout my github page or dev.bukkit profile for new plugins it will be there when its done.

Hope you enjoy the plugin!

Feel free to add commends to this page or send me a PM. I will check them from time to time.