# PostgreSQL Client Authentication Configuration File

# ===================================================

#

# Refer to the "Client Authentication" section in the

# PostgreSQL documentation for a complete description

# of this file.  A short synopsis follows.

#

# This file controls: which hosts are allowed to connect, how clients

# are authenticated, which PostgreSQL user names they can use, which

# databases they can access.  Records take one of these forms:

#

# local      DATABASE  USER  METHOD  [OPTIONS]

# host       DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]

# hostssl    DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]

# hostnossl  DATABASE  USER  CIDR-ADDRESS  METHOD  [OPTIONS]

#

# (The uppercase items must be replaced by actual values.)

#

# The first field is the connection type: "local" is a Unix-domain socket,

# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an

# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.

#

# DATABASE can be "all", "sameuser", "samerole", a database name, or

# a comma-separated list thereof.

#

# USER can be "all", a user name, a group name prefixed with "+", or

# a comma-separated list thereof.  In both the DATABASE and USER fields

# you can also write a file name prefixed with "@" to include names from

# a separate file.

#

# CIDR-ADDRESS specifies the set of hosts the record matches.

# It is made up of an IP address and a CIDR mask that is an integer

# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies

# the number of significant bits in the mask.  Alternatively, you can write

# an IP address and netmask in separate columns to specify the set of hosts.

#

# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", "krb5",

# "ident", "pam", "ldap" or "cert".  Note that "password" sends passwords

# in clear text; "md5" is preferred since it sends encrypted passwords.

#

# OPTIONS are a set of options for the authentication in the format

# NAME=VALUE. The available options depend on the different authentication

# methods - refer to the "Client Authentication" section in the documentation

# for a list of which options are available for which authentication methods.

#

# Database and user names containing spaces, commas, quotes and other special

# characters must be quoted. Quoting one of the keywords "all", "sameuser" or

# "samerole" makes the name lose its special character, and just match a

# database or username with that name.

#

# This file is read on server startup and when the postmaster receives

# a SIGHUP signal.  If you edit the file on a running system, you have

# to SIGHUP the postmaster for the changes to take effect.  You can use

# "pg_ctl reload" to do that.

# Put your actual configuration here

# ----------------------------------

#

# If you want to allow non-local connections, you need to add more

# "host" records. In that case you will also need to make PostgreSQL listen

# on a non-local interface via the listen_addresses configuration parameter,

# or via the -i or -h command line switches.

#

# DO NOT DISABLE!

# If you change this first entry you will need to make sure that the

# database

# super user can access the database using some other method.

# Noninteractive

# access to all databases is required during automatic maintenance

# (custom daily cronjobs, replication, and similar tasks).

#

# Database administrative login by UNIX sockets

local   all         postgres                          ident

# TYPE  DATABASE    USER        CIDR-ADDRESS          METHOD

# "local" is for Unix domain socket connections only

#local   all         all                               ident

#local   all         all                               trust

# IPv4 local connections:

#host    all         all         127.0.0.1/32          md5

#host    all         all         127.0.0.1/32          trust

# IPv6 local connections:

#host    all         all         ::1/128               md5

#local   all         postgres                          md5

#host    all         all         0.0.0.0/0             md5

local   template1,vegbien  public_           trust

host    template1,vegbien  public_ 0.0.0.0/0 trust   

host    template1,vegbien  public_ ::/0      trust

local   template1,vegbien  +bien            ident

local   template1,vegbien  +bien            md5

host    template1,vegbien  +bien  0.0.0.0/0 md5   

host    template1,vegbien  +bien  ::/0      md5