When caching is implemented for your website, it's essential to clear the dispatcher cache after publishing pages to ensure the most recent content is displayed to end users. To reflect changes made by authors, we need to configure Replication Agent on Author instance to push changes to the Publish instance and Dispatcher Flush Agent on Publisher instance to invalidate the Dispatcher cache. Once the cache is invalidated, next request will be served from the publisher, and the response will be added to the cache; subsequent requests will be served from the cache without interacting with the publisher.

In general, when a page is retrieved from cache, all users view identical content. However, websites with gated or authenticated pages, certain sections — such as displaying a logged-in user's name or a login button for anonymous users — must remain dynamic and not be cached. Considering this scenario, Sling Dynamic Include (SDI) in AEM supports the dynamic generation of specific components, while also enabling the retrieval of others from cache.

In General, requests containing authentication information are not cached because the cached document is served to the client without authentication. However, if the requirements permit the caching of authenticated documents, this can be activated by setting the /allowAuthorized property to "1". Additionally, need to implement the AuthChecker module, which verifies users access permissions for a page before delivering the cached content.

AEM's dispatcher is not restricted and is publicly accessible by default. While unrestricted access is suitable for production environments, it's recommended to restrict access in lower environments such as dev and stage to your organization or specific users. This can be achieved through IP Allow Lists or Basic Authentication.