Installing Mediawiki with Vision Editor, parsoid active directory as private wiki notes/fixes

My Notes:

Setup: Mediawiki 1.27

AD: Windows 2012

Web Server: Linux Debian

Installing missing libraries first:

  • php5-curl
  • stunnel4
  • curl


  • Make sure that the correct spacing is set in parsoid.conf

  • Make sure that it has started by checking the /var/log/parsoid.log

  • Mare sure that you enables stunnel after in etc/default/stunnel4

Change to one to enable stunnel automatic startup

Add to Wiki config: LocalSettings.php

\\ Make Wiki Private

$wgGroupPermissions[‘*’][‘read’] = false;
$wgGroupPermissions[‘*’][‘edit’] = false;

\\Enable API for VisionEditor //Parsoid


\\ Configure LDAP

require_once( “$IP/extensions/LdapAuthentication/LdapAuthentication.php” );
$wgAuth = new LdapAuthenticationPlugin();
$wgDebugLogGroups[‘ldap’] = ‘/tmp/mediawikiADDebug.log’;
$wgShowExceptionDetails = true; //for debugging MediaWiki

\\LDAP AD config

$wgLDAPDomainNames = array(

$wgLDAPServerNames = array(
 ‘’ => ‘’,

$wgLDAPEncryptionType = array(
 ‘’ => ‘tls’,

$wgLDAPSearchStrings = array(
 ‘’ => “domain\\USER-NAME”,

//Enable Visual Editor

wfLoadExtension( ‘VisualEditor’ );
// Enable by default for everybody

$wgDefaultUserOptions[‘visualeditor-enable’] = 1;
$wgVirtualRestConfig[‘modules’][‘parsoid’] = array(
// Use port 8142 if you use the Debian package or 8143 if running parsoid under https
 ‘url’ => ‘’, // or use 8142 if you don’t use stunnel4
 ‘domain’ => ‘’,

Linking with Parsoid in private wikis

Forwarding Cookies to Parsoid
// This feature requires a non-locking session store. The default session store will not work and
// will cause deadlocks (connection timeouts from Parsoid) when trying to use this feature.
$wgSessionsInObjectCache = true;

// Forward users' Cookie: headers to Parsoid. Required for private wikis (login required to read).
// If the wiki is not private (i.e. $wgGroupPermissions['*']['read'] is true) this configuration
// variable will be ignored.
// WARNING: ONLY enable this on private wikis and ONLY IF you understand the SECURITY IMPLICATIONS
// of sending Cookie headers to Parsoid over HTTP. For security reasons, it is strongly recommended
// that $wgVirtualRestConfig['modules']['parsoid']['url'] be pointed to localhost if this setting is enabled.
$wgVirtualRestConfig['modules']['parsoid']['forwardCookies'] = true;

Parsoid over HTTPS

By default, Parsoid only supports HTTP connections. However, it’s easy to provide HTTPS Parsoid by using Stunnel, a utility which offers SSL wrapping for arbitrary sockets. Most Unix distributions have ‘stunnel’ or ‘stunnel4’ package available from the repository. The following config file shard (e.g. /etc/stunnel/parsoid.conf) should do the trick:

cert = /etc/ssl/my_certs/parsoid.crt
key = /etc/ssl/my_keys/mykey.key
CAfile = /etc/ssl/my_ca/ca.crt

accept  = 8143
connect = 8142