Disconnect whitelisted Player

[GrueneNeun]

I am trying to use this plugin on the current version of minecraft, on a Paper Server behind a Velocity Proxy. Server.properties online-mode is set to false, but both Paper and Velocitys online mode are set to true.

When I add a player to the whitelist and activate it, the player can't join the Server. Server.log: [22:45:19] [User Authenticator #6/INFO]: Disconnecting com.mojang.authlib.GameProfile@7d19f9b5[id=c47e579f-c34e-4835-9db6-817a0ea26aab,name=TheEpicYomo,properties={textures=[com.mojang.authlib.properties.Property@79266249]},legacy=false] (/87.122.20.208:46242): You are not whitelisted! [22:45:19] [Server thread/INFO]: com.mojang.authlib.GameProfile@7d19f9b5[id=c47e579f-c34e-4835-9db6-817a0ea26aab,name=TheEpicYomo,properties={textures=[com.mojang.authlib.properties.Property@79266249]},legacy=false] (/87.122.20.208:46242) lost connection: You are not whitelisted! [22:45:22] [User Authenticator #6/INFO]: Disconnecting com.mojang.authlib.GameProfile@4317b20e[id=c47e579f-c34e-4835-9db6-817a0ea26aab,name=TheEpicYomo,properties={textures=[com.mojang.authlib.properties.Property@381b6872]},legacy=false] (/87.122.20.208:53350): You are not whitelisted! [22:45:22] [Server thread/INFO]: com.mojang.authlib.GameProfile@4317b20e[id=c47e579f-c34e-4835-9db6-817a0ea26aab,name=TheEpicYomo,properties={textures=[com.mojang.authlib.properties.Property@381b6872]},legacy=false] (/87.122.20.208:53350) lost connection: You are not whitelisted!

Whitelist.yml:

GrueneNeun: online_uuid: 04105d5b-1619-421f-938c-aef9b2f13213 offline_uuid: 143cb535-efd8-3840-a2a0-69cf2e72a7f4 TheEpicYomo: online_uuid: c47e579f-c34e-4835-9db6-817a0ea26aab offline_uuid: 1c1ff6c9-8a5c-303c-b700-c24903697efa

Please let me know if you need further information!

[Polda18]

The UUID reported by your proxy (I guess) to your server mismatches the one the whitelist expects. You say that server.properties online mode is set to false, but both Paper server and Velocity proxy have it set to true? Where is the online mode disabled?

[Polda18]

Just for clarification: If you want to allow players that do not own a purchased copy to join your server, all servers need to have online mode disabled. If you want players to be able to join only if they have a legitimate purchased copy, you need to enable online mode on all servers. That includes the proxy server as well, being it Waterfall or Velocity. If one server mismatches online mode settings, then it's not going to work as expected. That's because players stay connected to the proxy server that forwards the UUID to children servers. Players never actually leave the proxy server, the proxy acts like a middle man relaying packets between client and the target server. That's why players can simply hop between servers using an appropriate command and why players are not kicked into multiplayer menu if one of the servers goes down but rather are thrown back into a lobby server for example (if one is set up). If players were connected directly to the target server, this wouldn't work. Plugins on the other hand often do not have an idea about proxied servers and forwarded UUID, so if you have your proxy's online mode enabled, but servers have their online mode disabled, then plugins on those servers often expect an offline mode UUID, but they're given online mode UUID instead, which leads to errors like this.

[Polda18]

I might investigate into a way to detect if the server is somehow connected to some sort of multi-server proxy network (Bungeecord, Waterfall or Velocity), maybe through a use of Bungeecord messaging API (you'll need to download a plugin for your proxy server that will recognise these messages and will be able to answer to them - that plugin doesn't exist yet, I didn't feel the need to create one), but I'm not sure if Velocity supports Bungeecord plugins. I know that Waterfall does, being a Bungeecord fork, but not sure about Velocity. Reading the documentation it seems like it doesn't. So you'd be out of luck there. Not many server owners use Velocity, majority use eighter Bungeecord or Waterfall, to ensure compatibility with most plugins. And that's the route I would also go for. Some plugins may use both Bungeecord and Velocity API, to ensure compatibility. It may be possible in a single JAR file, or separate JARs for Bungeecord/Waterfall and Velocity.

Much simpler and much more reliable solution however would be to simply set the online mode enabled or disabled in such way all servers including the main proxy match the settings.

[GrueneNeun]

The UUID reported by your proxy (I guess) to your server mismatches the one the whitelist expects. You say that server.properties online mode is set to false, but both Paper server and Velocity proxy have it set to true? Where is the online mode disabled?

In velocity.toml online-mode is set to true to authenticate players with mojang, since we don't need to allow players with non-paid versions. In paper-global.yml online-mode in the proxies section is set to true according to their manual (both settings need to match). In server.properties online-mode is set to false (also according to the manual of paper/velocity) and velocity can't connect players to this backend server if it is set to true.

While BetterWhitelist doesn't let players in the whitelist connect in this constellation, the vanilla whitelist works as expected and only lets listed players connect and keeps not listed players outside. But i don't really want to use it, since giving permission to this commands enables mods to accidentally turn of the complete whitelist which i want to prevent. So the permissions list/add/remove from your plugin are the thing which i really like and appreciate.

[Polda18]

I'd suggest you to switch from Velocity to Waterfall then. This obviously isn't going to work with this plugin. Waterfall is a fork of Bungeecord and settings are more unified for this. Plugin is actually for Spigot, not directly for Paper, so the plugin has no idea about Paper's own online mode settings and instead reads the server.properties online mode settings (which is Bukkit/Spigot settings). Sorry for inconveniences, but there's really not much I can do in this case. Paper is designed to be compatible with Bukkit/Spigot plugins, but Velocity isn't designed to be compatible with Bungeecord. Despite Velocity's marketing about being better solution than Bungeecord and Waterfall (which is true for bug fixes), you're actually more likely to cause compatibility issues with this setup. Waterfall is designed to be compatible with Bungeecord, and therefore is compatible with Spigot. Since Paper is fork of Spigot, the Waterfall & Paper combo is the best setup.

[Polda18]

If you insist with using this setup, I can make a separate Paper-dependent plugin that uses Paper's own API, which basically acts like a wrapper for Spigot, acting like a Paper-to-Spigot API bridge, and add it as a soft dependency to this plugin. It will however take some time, for proper testing, so I can ensure proper function. The wrapper will essentially switch a mode in the main plugin, which will use its own API to bridge Paper's API into any Spigot plugin that needs to work with UUIDs depending on an online and offline mode of the server. The wrapper API shall be available in a Maven repository for other developers to be remotely imported and used. It would be easier than creating a whole separate version of this plugin just for Paper. Then after everything is thoroughly tested and major bugs fixed, I'll make a statement that the wrapper JAR is needed to ensure compatibility with Velocity & Paper servers setup. Wrapper is not needed for Waterfall & Paper servers combo or for standalone Paper servers, and won't work on Bungeecord & Spigot servers combo and standalone Spigot servers.

[Polda18]

Plus, I failed to find any mention on the Velocity documentation that the vanilla online-mode needs to be set to false in order for the Velocity proxy to forward players to your server successfully. As to why it doesn't work if you enable online-mode in server.properties file, I don't know. But documentation doesn't say anything about it.

[Polda18]

You are running Minecraft 1.19.4? There's no mention of such requirement for current version.

[GrueneNeun]

I am using latest Minecraft Version. The disabled online-mode is mentioned in this article and as i tried with waterfall also a requirement for BungeeCord / Waterfall. I would like to keep using Velocity, since it works - as i just tried Waterfall and didn't get it to work at all - it basically has no documentation as it seems. But I tried just for an hour and did not really look into any bungeecord documentations itself....

[Polda18]

That's an issue then. There doesn't seem to be a reliable way get BungeeCord or Velocity settings in a Spigot plugin and the online mode checking method Bukkit API provides only checks the server.properties file, which then doesn't represent the accurate settings. I'll have to ask more experienced developers how to solve this issue of a server behind a proxy and provide compatibility for this. I guess the best option would be to simply provide an API to check for these settings. If the server however is running Spigot and connects to BungeeCord, there's no real way to check for an online mode running on BungeeCord without a plugin on the proxy. I might have to make a BungeeCord plugin as well (maybe Spigot + BungeeCord in one JAR, will see), and let it communicate between the proxy and the backend.

[GrueneNeun]

Maybe a setting "ForceOnline" would be sufficient in BetterWhitelist as the Velocity/BungeeCord/Waterfall Proxy keeps track of the UUID in this case?

[Polda18]

Yes, proxy keeps track of the UUID, but the plugin needs to know whether it should treat the server as being offline mode or online mode. Because server is always offline mode in proxied condition, then the plugin needs to know whether the proxy is set to online mode or not. Because the plugin keeps track of a set of two UUIDs for each player. Online mode UUID in case the player name has been found in Mojang database, and Offline mode UUID for when the server is in offline mode. That allows the plugin to change the set when the server owner decided to switch between online and offline modes. That works perfectly for single server setup, but unfortunately doesn't really work with multiserver proxy setup. So setting "ForceOnline" wouldn't really help in this case.

[GrueneNeun]

"ForceOnline" would let BetterWhitelist use the Online UUID which it gets from the Server even if it is in online-mode=false. At the moment, if i see it correctly, it tries to use the offline UUID, because the Server is offline but it gets the online UUID from the Server and of course these two don't match. If this setting just tells BetterWhitelist to ignore the offline Mode of the Server it would at least solve my problem. I don't know what it does to people allowing non-Mojang Accounts and use this plugin...

[Polda18]

I'm not sure where the "ForceOnline" comes from, but it wouldn't work. It may work for your case, but won't work in case someone actually sets offline mode (even proxy). It will just reverse the problem, which will now cause issues for players connecting to a server that allows cracked players to join. So it doesn't really solve issues. The only real solution is to somehow detect proxy settings and get the online mode from there. For that, I'm actually making a new plugin, which will be a soft dependency in BetterWhitelist.