changelog: Otoroshi 17.12 #873
There are no files selected for viewing
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,36 @@ | ||
| --- | ||
| title: Otoroshi 17.12 is available with JWT Verification, new WAF engine and plugin improvements | ||
|
Check notice on line 2 in content/changelog/2026/01-30-otoroshi-17.12.md
|
||
| description: JWT verification via OIDC with session extraction, JVM-native WAF engine with OWASP CRS, plugin development enhancements and LLM extensions updates | ||
|
Check notice on line 3 in content/changelog/2026/01-30-otoroshi-17.12.md
|
||
| date: 2026-01-30 | ||
| tags: | ||
| - addons | ||
| - otoroshi | ||
| authors: | ||
| - name: SΓ©bastien Allemand | ||
| link: https://github.com/allemas | ||
| image: https://github.com/allemas.png?size=40 | ||
| - name: David Legrand | ||
| link: https://github.com/davlgd | ||
| image: https://github.com/davlgd.png?size=40 | ||
| excludeSearch: true | ||
| --- | ||
|
|
||
| [Otoroshi v17.12](https://github.com/MAIF/otoroshi/releases/tag/v17.12.0) is available with multiple improvements. It brings JWT verification support based on the settings of an OIDC authentication module with optional user session extraction through OIDCJwtVerifier. The release also allows Fail2Ban to be triggered by other plugins that can't use the `requestError` phase. | ||
|
Check notice on line 18 in content/changelog/2026/01-30-otoroshi-17.12.md
|
||
|
|
||
| This version also integrates a new WAF engine providing JVM-native implementation of ModSecurity SecLang with the OWASP Core Rule Set included. This eliminates binary dependencies and simplifies deployment in containerized environments, with flexible modes for comprehensive WAF inspection or lightweight request validation. | ||
|
Check notice on line 20 in content/changelog/2026/01-30-otoroshi-17.12.md
|
||
|
|
||
| For plugin developers, this version introduces various internal improvements: Monaco editor support in classic forms for enhanced code editing experience, provider helpers to create customizable errors in plugins, and the ability to always display plugins even if missing from the JS plugins list. | ||
|
Check warning on line 22 in content/changelog/2026/01-30-otoroshi-17.12.md
|
||
|
|
||
| This release includes LLM extensions [0.0.68](https://github.com/cloud-apim/otoroshi-llm-extension/releases/tag/0.0.68) and [0.0.69](https://github.com/cloud-apim/otoroshi-llm-extension/releases/tag/0.0.69), bringing OpenResponses-compatible endpoints for standardized LLM response handling through the [OpenResponses framework](https://www.openresponses.org/). These versions embed rate limit and budget consumption data in `GatewayEvents` and `LLMAuditEvents` for enhanced tracking, and support exposing any model with an Anthropic API compatible format. | ||
davlgd marked this conversation as resolved.
Show resolved
Hide resolved
|
||
|
|
||
| You can update through add-on's dashboard in the [Clever Cloud Console](https://console.clever-cloud.com). You can also set `CC_OTOROSHI_VERSION` of the underlying Java application to `v17.12.0_1769783775` and rebuild it, or use [Clever Tools](/doc/cli/operators/): | ||
|
|
||
| ```bash | ||
| clever features enable operators | ||
|
|
||
| clever otoroshi version check yourOtoroshiNameOrId | ||
| clever otoroshi version update yourOtoroshiNameOrId | ||
| clever otoroshi version update yourOtoroshiNameOrId v17.12.0_1769783775 | ||
| ``` | ||
|
|
||
| - [Learn more about Otoroshi with LLM on Clever Cloud](/doc/addons/otoroshi/) | ||
Uh oh!
There was an error while loading. Please reload this page.