I’m thinking of writing a custom authorize attribute and I’m not sure about output caching.
The attribute would look like this:
using System.Web.Mvc;

public class AuthorizeWithAreasAttribute : AuthorizeAttribute
{
    public override void OnAuthorization(AuthorizationContext filterContext)
    {
        if (!filterContext.HttpContext.User.IsInRole(Roles))
        {
            var urlHelper = new UrlHelper(filterContext.RequestContext);
            filterContext.HttpContext.Response.Redirect(urlHelper.Action(ControllerName, ActionName, new { area = AreaName }));
        }
        base.OnAuthorization(filterContext);
    }

    public string ControllerName { get; set; }
    public string ActionName { get; set; }
    public string AreaName { get; set; }
}
I have the following quote from the book Professional ASP.NET MVC:
So, what happens if you combine an authorization filter with [OutputCache]? In the worst case, you run the risk of an authorized user first visiting your action, causing it to run and be cached, shortly followed by an unauthorized user, who gets the cached output even though they aren’t authorized.
Fortunately, the ASP.NET MVC team has anticipated this problem, and has added special logic to AuthorizeAttribute to make it play well with ASP.NET output caching. It uses a little-known output-caching API to register itself to run when the output-caching module is about to serve a response from the cache. This prevents unauthorized users from getting cached content.
After reading this, it remains unclear to me – should I do something regarding caching or not?
No, you’ll be fine. The AuthorizeAttribute will always be used. The output cache may cache the authorized user’s content, but it will never display that to an unauthorized user, and vice versa.
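An added example, not part of the original question or answer: a variant of the attribute that leaves OnAuthorization to the base class and puts only the redirect in HandleUnauthorizedRequest, so the role check stays in the inherited code that the output cache also calls. ReportsController, the "Admin" role and the Account/Login/Index redirect target are assumed names for illustration.

```csharp
using System.Web.Mvc;
using System.Web.Routing;

// Hypothetical variant of the attribute from the question (added example).
public class AuthorizeWithAreasAttribute : AuthorizeAttribute
{
    public string ControllerName { get; set; }
    public string ActionName { get; set; }
    public string AreaName { get; set; }

    // OnAuthorization is deliberately not overridden. The base implementation
    // evaluates Users/Roles through AuthorizeCore and, on success, registers a
    // validation callback with the output cache. On a later cache hit that
    // callback runs OnCacheAuthorization, which calls AuthorizeCore again for
    // the current user before the cached response may be served.

    // Called by the base class only when AuthorizeCore returned false.
    protected override void HandleUnauthorizedRequest(AuthorizationContext filterContext)
    {
        // Setting Result short-circuits the action without ending the
        // response from inside the filter.
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary
        {
            { "area", AreaName },
            { "controller", ControllerName },
            { "action", ActionName }
        });
    }
}

// Assumed controller showing the attribute combined with [OutputCache].
public class ReportsController : Controller
{
    [OutputCache(Duration = 60, VaryByParam = "none")]
    [AuthorizeWithAreas(Roles = "Admin", AreaName = "Account",
                        ControllerName = "Login", ActionName = "Index")]
    public ActionResult Index()
    {
        // Cached for 60 seconds; a user outside the Admin role fails the
        // cache validation callback, the cached copy is skipped, the filter
        // runs normally and the request is redirected.
        return View();
    }
}
```

If a custom check is ever needed beyond Users and Roles, overriding AuthorizeCore rather than OnAuthorization keeps that check inside the path the cache validation callback re-runs.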