diff --git a/Workbench/configs-and-secrets/comanage/shibboleth/shibboleth2.xml b/Workbench/configs-and-secrets/comanage/shibboleth/shibboleth2.xml
index 7ea21f0..6b6fe06 100644
--- a/Workbench/configs-and-secrets/comanage/shibboleth/shibboleth2.xml
+++ b/Workbench/configs-and-secrets/comanage/shibboleth/shibboleth2.xml
@@ -24,7 +24,7 @@
         cookieProps to "https" for SSL-only sites. Note that while we default checkAddress to
         "false", this makes an assertion stolen in transit easier for attackers to misuse.
         -->
-        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" handlerURL="/grouperSSO/Shibboleth.sso"
+        <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" handlerURL="/registrySSO/Shibboleth.sso"
                   checkAddress="false" handlerSSL="true" cookieProps="https"
                   redirectLimit="exact">
 
diff --git a/Workbench/docker-compose.yml b/Workbench/docker-compose.yml
index 080b8f5..888e0de 100644
--- a/Workbench/docker-compose.yml
+++ b/Workbench/docker-compose.yml
@@ -313,6 +313,7 @@ services:
       - wordpress_data:/var/lib/mysql
     ports:
       - 3306
+
   comanage:
     build: 
       context: ./comanage/
@@ -325,6 +326,10 @@ services:
      - net
     ports:
      - 11443:443
+    volumes:
+     - type: bind
+       source: ./configs-and-secrets/comanage/shibboleth/shibboleth2.xml
+       target: /etc/shibboleth/shibboleth2.xml
 
 networks:
   net:    
diff --git a/Workbench/webproxy/container_files/httpd/proxy.conf b/Workbench/webproxy/container_files/httpd/proxy.conf
index bb6ec23..1fd5e7e 100644
--- a/Workbench/webproxy/container_files/httpd/proxy.conf
+++ b/Workbench/webproxy/container_files/httpd/proxy.conf
@@ -39,4 +39,5 @@ ProxyPass /phpmyadmin https://directory/phpmyadmin
 ProxyPassReverse /phpmyadmin https://directory/phpmyadmin
 
 ProxyPass /registry https://comanage/registry
+ProxyPass /registrySSO https://comanage/registrySSO
 #ProxyPassReverse /comanage https://comanage/