I have a 'sign in' link in my menu. If the user clicks on this link the login page is displayed and the credentials can be entered. When the user is logged in the menu is expanded with links to secured modules which can only be accessed by logged in users. For performance reasons these secured modules are cached. This all works fine.
The problem occures at the moment that a user is logged in and leaves the page open for a period of time. During this period of time the session and the cache both expire but the links to secured modules are still being displayed because the user has not clicked on a link. When a user clicks on a secured link in this situation the login form is displayed and at the same time a new cache file is generated containing the login form. This results in a login form being displayed again (the cached version) even if the user has logged in successful.
Is there a way I can enforce secured pages NOT being cached if the user is not autheticated?