Using SSL for Client/Server communication over TCP/IP sockets without a web server

I have a server application using a TCP listener mechanism with SSL over it using SslStream class, very much similar to what is described in this thread: Tcpip listener sockets SSL streams so much confusion

Our clients, however, are mobile devices of all OS's (iOS, Android etc). I have a server side certificate, but all I really want from my clients as authentication is a 开发者_运维知识库user/pwd string pair given with Basic Authentication protocol.

If the initial connection from the client provides me with these credentials, all is well - I parse the request, extract them and do my checks. If however they are not supplied - how do I ask for them?

The HTTP status code 401 along with the WWW-Authenticate: Basic header is used to prompt the HTTP client to send the username/password string as can be seen in this example

Client request (no authentication):

GET /private/index.html HTTP/1.11
Host: localhost

Server response:

HTTP/1.1 401 Authorization Required
Server: HTTPd/1.0
Date: Sat, 27 Nov 2004 10:18:15 GMT
WWW-Authenticate: Basic realm="Secure Area"
Content-Type: text/html
Content-Length: 311

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
 "http://www.w3.org/TR/1999/REC-html401-19991224/loose.dtd">
<HTML>
  <HEAD>
    <TITLE>Error</TITLE>
    <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1">
  </HEAD>
  <BODY><H1>401 Unauthorized.</H1></BODY>
</HTML>

Client request (user name "Aladdin", password "open sesame"):

GET /private/index.html HTTP/1.1
Host: localhost
Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==