caching for different roles using same controller & views

I use a controller and its views for both administrative and public use,
and I prefer to do page caching instead of fragment caching. I know I
will need to have different URLs depending on user roles, e.g.
/articles/3/comments for public user and admin/articles/3/comments for
administrative user. I looked into several things, but couldn't make it
work.

Joan

Joan Gu wrote:

I use a controller and its views for both administrative and public use,
and I prefer to do page caching instead of fragment caching. I know I
will need to have different URLs depending on user roles, e.g.
/articles/3/comments for public user and admin/articles/3/comments for
administrative user. I looked into several things, but couldn't make it
work.

Joan
  

There have been a couple of posts about page caching with admin users, but from memory both use cookies. Here's one some quick googling turned up:

http://blog.maxdunn.com/articles/2006/09/16/ruby-on-rails-advanced-page-caching

I can't see how simply using different URLs can work safely. What's to stop an ordinary user from navigating to admin/articles/3/comments unless you have some sort of Basic authentication done by the webserver?
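
The concern raised in the reply above, as an added example that is not part of the thread: a constructed Ruby model in which a front-end web server serves a page-cached file before the application's role check runs, beside the web-server-level authentication the reply mentions. The `App`, `FrontEnd` and `demo` names are hypothetical and this is not Rails code.

```ruby
# Constructed model of page caching: the front end serves any file found in the
# cache directory before the request reaches the app. Names are hypothetical.
require "tmpdir"
require "fileutils"

class App
  def initialize(cache_dir)
    @cache_dir = cache_dir
  end

  # The app enforces the role check, renders, then writes the page cache file.
  def call(path, role)
    admin_path = path.start_with?("/admin/")
    return [403, "forbidden"] if admin_path && role != :admin
    body = admin_path ? "comments + moderation links" : "comments"
    file = File.join(@cache_dir, "#{path}.html")
    FileUtils.mkdir_p(File.dirname(file))
    File.write(file, body)
    [200, body]
  end
end

class FrontEnd
  def initialize(app, cache_dir, protect_admin: false)
    @app, @cache_dir, @protect_admin = app, cache_dir, protect_admin
  end

  def get(path, role: :public, credentials_ok: false)
    # Mitigation: the web server authenticates /admin/ itself (e.g. Basic auth)
    # before consulting the cache, so cached files sit behind the same check.
    return [401, "auth required"] if @protect_admin && path.start_with?("/admin/") && !credentials_ok
    file = File.join(@cache_dir, "#{path}.html")
    return [200, File.read(file)] if File.file?(file) # cache hit: app never runs
    @app.call(path, role)
  end
end

# Returns the status codes a public user sees before and after an admin visit.
def demo(protect_admin:)
  Dir.mktmpdir do |dir|
    front = FrontEnd.new(App.new(dir), dir, protect_admin: protect_admin)
    url = "/admin/articles/3/comments"
    before = front.get(url)                                  # public, cold cache
    front.get(url, role: :admin, credentials_ok: true)       # admin warms cache
    after = front.get(url)                                   # public, warm cache
    [before.first, after.first]
  end
end
```

Without front-end protection the public request is refused by the app while the cache is cold and served from the cache once an admin has visited; with the front-end check it is refused in both cases.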