Solved Socket auth system

Discussion in 'Spigot Plugin Development' started by zozidalom, Jul 2, 2016.

  1. Hy guy I am trying to make a socket auth system but!!!! The if statement in my code does not work. the password is asd123 but nothing in the if statement runs. Any IDEAS why?
    Code: http://pastebin.com/7xwNDEyW
     
  2. What did you try to fix this?
     
  3. FormallyMyles

    Supporter

    Could you post your new code?
     
  4. MiniDigger

    Supporter

    This is wrong in so many ways...
    You should not hard code the password.
    You should not transfer the password unencrypted.
    You should have a simple user system so not every client uses the same password.

    For your problem: if you included the change the other requested and it is still not working you should check if the Passwort is transferred right by printing it out to the console.
     
    • Agree Agree x 1
  5. Put ".equals" instead of "==" to compare a String. We're not in C languages, lol.
     
  6. MiniDigger

    Supporter

    that already has been suggested, please read the thread before you reply.
     
    • Agree Agree x 1
    • Winner Winner x 1
  7. I almost guarantee 100% he is just testing with a password. I don't think that his password will be asd123....
     
  8. I think he's just trying to get the concept of sockets down right now. I'll be very surprised if he actually publishes an application with that code.

    EDIT: Sniped by valaiyar

    @OP
    We can't help you debug a bug with sockets if you're only giving us the server-side code. What code are you using to send the data? Also, the
    Code (Java):
    servSocket.accept();
    should go in the loop. And the loop should be infinite. With your code, if
    Code (Java):
    br.readLine()
    is null, then it doesn't even bother with the loop. This is why you don't do sockets on the main thread, you have to have a separate thread for receiving especially because of the infinite loop. I recommend you take a look at this tutorial.
     
    • Agree Agree x 1
  9. With passwords you should salt hash them and then compare the hash, you should never ever ever store passwords directly.
    As I said above, you shouldn't even encrypt them, an encryption is just something behind a key, someone gets that key they get the code that is behind that key. Adobe even made that mistake a while ago (The big company, behind DW and Photoshop) where they used encryption instead of salt hashing and they lost millions of passwords, Also stupidly the password hints were also stored with the passwords ¬_¬
     
  10. Of course, that would be the best. My point was that you should in this case use .equals() and not .equalsIgnoreCase().
     
    • Agree Agree x 1
  11. And what solved your issue?