How to unprotect a directory/path in an otherwise Waffle-protected application?

[dpdonohue]

Waffle was properly protecting my entire app. However I need to have an unprotected area. My web.xml file now looks like below. However visiting any URL like
https://my.com/myapp/public/whatever
just returns a blank white screen. If I then go to a URL in my app that is not inside the public path (login required) then back to the original URL, it now works. How can I make Waffle honor my wishes to have some servlets, etc. not require a login?
Thanks!

<security-constraint>
    <display-name>Public Area</display-name>
    <web-resource-collection>
      <web-resource-name>Unprotected Area</web-resource-name>
      <url-pattern>/public/*</url-pattern>
    </web-resource-collection>
  </security-constraint>
  <security-role>
    <role-name>Everyone</role-name>
  </security-role>
  <security-constraint>
    <display-name>Waffle Security Constraint</display-name>
    <web-resource-collection>
      <web-resource-name>Protected Area</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>Everyone</role-name>
    </auth-constraint>
  </security-constraint>

[dblock]

Can you please use the mailing list for these?

The answer is it depends. Which mechanism are you using? A filter? A valve?