when specifice page in url, sinatra not enforcing authentication

If I go in with localhost:4567, I get prompted for username and password, but if I go in with localhost:4567/MyStaticPage.htm, it goes right to that page, i.e., without any authentication (and yes, I stopped and restarted sinatra, and closed and reopened my browser) . I put "puts" statements in the "get"s to see what's getting run, and the url with "MyStaticPage.htm" does not seem to be handled in the "get" I would expect. Here's the code:

require 'rubygems'
require 'sinatra'

helpers do

  def protected!
    unless authorized?
      response['WWW-Authenticate'] = %(Basic realm="Restricted Area")
      throw(:halt, [401, "Not authorized\n"])
    end
  end

  def authorized?
    @auth ||=  Rack::Auth::Basic::Request.new(request.env)
    @auth.provided? && @auth.basic? && @auth.credentials && @auth.credentials ==     ['testuser', 'testpassword']
  end

end

get '/MyStaticPage.htm' do
  puts "this is never seen"
  protected!
  File.new('public/MyStaticPage.htm').readlines
end

get '/' do
  puts "this is seen"
  protected!
  File.new('public/MyStaticPage.htm').readlines
end

TIA开发者_如何学JAVA

probably the static files are served before your routes. Don't put those .htm files into the public folder and everything will work out nicely.

Philip