Postgres Pain Points: 1 pg_hba conf

We have always been impressed with the Postgres project and team. The
whole hybrid SQL / JSONB functionality rocks.  The scalability rocks.
The speed and stability rock.  At the command line, Postgres rocks.  But
in applications we have had some real, and not improving pain points:

#1) pg_hba conf
Out of the box the md5 setting blocks access. Most "advice" say change
to "all all trust" and indeed that works.  But that seems a big security
issue.  Specifying a postgres role, password, and peer does not seem to
work.  And this approach is problematic if there are many roles or even
dynamically created roles.

Or is pb_hba conf set up for web sockets and we should be using sockets?

For general use, it seems we should not have to modify this file - it
should "just work" with good security.

--
Support Dept
Tiger Nassau, Inc.
www.tigernassau.com
406-624-9310