diff --git a/src/main/java/com/xit/core/config/WebCommonConfig.java b/src/main/java/com/xit/core/config/WebCommonConfig.java
index c2c20ac..1d12a42 100644
--- a/src/main/java/com/xit/core/config/WebCommonConfig.java
+++ b/src/main/java/com/xit/core/config/WebCommonConfig.java
@@ -1,8 +1,10 @@
 package com.xit.core.config;
 
 import com.xit.core.constant.XitConstants;
+import com.xit.core.oauth2.config.properties.CorsProperties;
 import com.xit.core.oauth2.oauth.AuthInterceptor;
 import com.xit.core.support.RestTemplateLoggingRequestInterceptor;
+import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Qualifier;
 import org.springframework.beans.factory.annotation.Value;
@@ -51,8 +53,7 @@ import java.util.concurrent.TimeUnit;
 @Slf4j
 @Configuration
 @EnableSpringDataWebSupport
-//@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class, DataSourceTransactionManagerAutoConfiguration.class, HibernateJpaAutoConfiguration.class})
-//@EnableAutoConfiguration(exclude = {DataSourceAutoConfiguration.class})
+@RequiredArgsConstructor
 public class WebCommonConfig extends AsyncConfigurerSupport implements WebMvcConfigurer {
     private static final String[] EXCLUDE_LOCALE_CHANGE_LIST = {
             "/resources/**",
@@ -74,6 +75,8 @@ public class WebCommonConfig extends AsyncConfigurerSupport implements WebMvcCon
     @Value("${xit.locale}")
     private String locale;
 
+    private final CorsProperties corsProperties;
+
     //---------------------------------------------------------------------------
     // Locale Resolver Setting : Cookie
     //---------------------------------------------------------------------------
@@ -168,22 +171,22 @@ public class WebCommonConfig extends AsyncConfigurerSupport implements WebMvcCon
     //---------------------------------------------------------------------------
 
 
-//    /**
-//     * CORS 설정
-//     * TODO :: SecurityConfig#corsConfigurationSource 설정이 안돼는 경우 적용
-//     * @param registry CorsRegistry
-//     *
-//     * @see SecurityConfig#corsConfigurationSource()
-//     */
-//    @Override
-//    public void addCorsMappings(CorsRegistry registry) {
-//        registry.addMapping("/**")
-//                .allowedOrigins("")
-//                .allowedMethods("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
-//                .allowedHeaders("*")
-//                .allowCredentials(true)
-//                .maxAge(3600);
-//    }
+    /**
+     * CORS 설정
+     * TODO :: SecurityConfig#corsConfigurationSource 설정이 안돼는 경우 적용
+     * @param registry CorsRegistry
+     *
+     * @see SecurityConfig#corsConfigurationSource()
+     */
+    @Override
+    public void addCorsMappings(CorsRegistry registry) {
+        registry.addMapping("/**")
+                .allowedOrigins(corsProperties.getAllowedOrigins())
+                .allowedMethods(corsProperties.getAllowedMethods())
+                .allowedHeaders(corsProperties.getAllowedHeaders())
+                .allowCredentials(true)
+                .maxAge(3600);
+    }
 
     //---------------------------------------------------------------------------
     // yaml type Message loading