diff --git a/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/config/CorsConfig.java b/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/config/CorsConfig.java
deleted file mode 100644
index a6b4b5f4..00000000
--- a/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/config/CorsConfig.java
+++ /dev/null
@@ -1,41 +0,0 @@
-package com.asyncgate.signaling_server.config;
-
-import lombok.AccessLevel;
-import lombok.NoArgsConstructor;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-
-import java.util.ArrayList;
-import java.util.Collections;
-
-@NoArgsConstructor(access = AccessLevel.PRIVATE)
-public class CorsConfig {
-
-    public static CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration configuration = new CorsConfiguration();
-
-        //리소스를 허용
-        ArrayList<String> allowedOriginPatterns = new ArrayList<>();
-        allowedOriginPatterns.add("*");
-        configuration.setAllowedOriginPatterns(allowedOriginPatterns);
-
-        //허용하는 HTTP METHOD
-        ArrayList<String> allowedHttpMethods = new ArrayList<>();
-        allowedHttpMethods.add("GET");
-        allowedHttpMethods.add("POST");
-        allowedHttpMethods.add("PUT");
-        allowedHttpMethods.add("PATCH");
-        allowedHttpMethods.add("DELETE");
-        allowedHttpMethods.add("OPTIONS");
-        configuration.setAllowedMethods(allowedHttpMethods);
-
-        configuration.setAllowedHeaders(Collections.singletonList("*"));
-//        configuration.setAllowedHeaders(List.of(HttpHeaders.AUTHORIZATION, HttpHeaders.CONTENT_TYPE));
-
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", configuration);
-
-        return source;
-    }
-}
diff --git a/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/CorsConfig.java b/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/CorsConfig.java
new file mode 100644
index 00000000..2dee6a5f
--- /dev/null
+++ b/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/CorsConfig.java
@@ -0,0 +1,28 @@
+package com.asyncgate.signaling_server.security.config;
+
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
+
+import java.util.List;
+
+@Configuration
+public class CorsConfig {
+
+    @Bean
+    public CorsFilter corsFilter() {
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        CorsConfiguration config = new CorsConfiguration();
+
+        config.setAllowCredentials(true);
+        config.setAllowedOriginPatterns(List.of("http://localhost:5173", "https://localhost:5173"));
+        config.addAllowedHeader("*");
+        config.addAllowedMethod("*");
+        config.addExposedHeader("Authorization");
+
+        source.registerCorsConfiguration("/**", config);
+        return new CorsFilter(source);
+    }
+}
\ No newline at end of file
diff --git a/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/SecurityConfig.java b/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/SecurityConfig.java
index 81bfd040..14701c9d 100644
--- a/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/SecurityConfig.java
+++ b/src/backend/signaling-server/src/main/java/com/asyncgate/signaling_server/security/config/SecurityConfig.java
@@ -1,6 +1,5 @@
 package com.asyncgate.signaling_server.security.config;
 
-import com.asyncgate.signaling_server.config.CorsConfig;
 import com.asyncgate.signaling_server.security.constant.Constants;
 import com.asyncgate.signaling_server.security.filter.JsonWebTokenAuthenticationFilter;
 import com.asyncgate.signaling_server.security.usecase.AuthenticateJsonWebTokenUseCase;
@@ -8,6 +7,7 @@
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.Customizer;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configurers.AbstractHttpConfigurer;
@@ -27,9 +27,7 @@ public class SecurityConfig {
     @Bean
     protected SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
         return httpSecurity
-                .cors(cors -> cors
-                        .configurationSource(CorsConfig.corsConfigurationSource())
-                )
+                .cors(Customizer.withDefaults())
                 .csrf(AbstractHttpConfigurer::disable)
 
                 .httpBasic(AbstractHttpConfigurer::disable)