I don't understand the fetish with caching every variation for every user.
Here's a thought: dynamic apps should render a page exactly one way in html, and rely on javascript and cookies to post-process the site so it APPEARS to be customized for that particular user. That includes admin widgets.
That particularly applies for displaying how many minutes ago something was generated. Serve it with a date-time format, use javascript to post-process into "x seconds ago" or "x minutes ago".
If someone isn't logged in, or isn't an admin, and they hack their javascript to display user or admin stuff, who cares? The user/admin requests sent to the webserver won't succeed anyway, because they rely on having an admin session cookie.
If there's meaningful rather than just UI stuff that users or admins get to see, then you have to cache that separately, but you can even do stuff like loading it dynamically with js so the publicly visible (cached) content can still be used, and you cut down the amount of stuff your server has to auto-generate. It can cache the separate pages (xml, json, whatever) that serve the logged-in user content, as well.
Here's a thought: dynamic apps should render a page exactly one way in html, and rely on javascript and cookies to post-process the site so it APPEARS to be customized for that particular user. That includes admin widgets.
That particularly applies for displaying how many minutes ago something was generated. Serve it with a date-time format, use javascript to post-process into "x seconds ago" or "x minutes ago".
If someone isn't logged in, or isn't an admin, and they hack their javascript to display user or admin stuff, who cares? The user/admin requests sent to the webserver won't succeed anyway, because they rely on having an admin session cookie.
If there's meaningful rather than just UI stuff that users or admins get to see, then you have to cache that separately, but you can even do stuff like loading it dynamically with js so the publicly visible (cached) content can still be used, and you cut down the amount of stuff your server has to auto-generate. It can cache the separate pages (xml, json, whatever) that serve the logged-in user content, as well.