Distributed caching is increasingly used to shorten the response time of Web servers and balance the load on the network by avoiding repeated transmission of the same content. An important research issue is the provision of access control mechanisms in the cache servers in order to service only authenticated client requests. In this paper, we provide a solution based on the distribution of secure cookies, avoiding the distribution and replication of sensitive information to the cache servers. With respect to previous proposals, our solution is lightweight, since it does not rely on computational heavy security mechanisms. We analyze two scenarios for authenticated caching involving different participants and, in both cases, describe a viable caching scheme.