public override bool CheckAccess(OperationContext operationContext, ref Message message)
        {
            // Open the request message using an xml reader
            XmlReader xr = OperationContext.Current.IncomingMessageHeaders.GetReaderAtHeader(0);

            // Split the URL at the API name--Parameters junction indicated by the '?' character - taking the first string will ignore all parameters
            string[] urlSplit = xr.ReadElementContentAsString().Split('/');
            // Extract just the API name and rest of the URL, which will be the last item in the split using '/'
            string[] apiSplit = urlSplit[3].Split('?');
            // Logging the username and API name
            Tracer.WriteUserLog(apiSplit[0] + " request from user: "******"CheckAccess: Authorized");
                return(true);
            }
            else
            {
                Tracer.WriteUserLog("CheckAccess: NOT Authorized");
                return(false);
            }
        }
        public override bool CheckAccess(OperationContext operationContext, ref Message message)
        {
            // Open the request message using an xml reader
            XmlReader xr = OperationContext.Current.IncomingMessageHeaders.GetReaderAtHeader(0);

            // Split the URL at the API name--Parameters junction indicated by the '?' character - taking the first string will ignore all parameters
            string[] urlSplit = xr.ReadElementContentAsString().Split('/');
            // Extract just the API name and rest of the URL, which will be the last item in the split using '/'
            string[] apiSplit = urlSplit[3].Split('?');
            // Logging the username and API name
            Tracer.WriteUserLog(apiSplit[0] + " request from user: "******"Client IP address : " + ip);
            }


            // If the most-privileged-role that this user belongs has access to this api, then allow access, otherwise deny access
            // Returning true will allow the user to execute the actual API function; Returning false will deny access to the user
            // TODO: May be we should send back a HTTP error code; will include this after shivi checks in her code
            if (ChassisManagerSecurity.GetCurrentUserMostPrivilegedRole() <= ChassisManagerSecurity.GetCurrentApiLeastPrivilegedRole(apiSplit[0]))
            {
                Tracer.WriteUserLog("CheckAccess: Authorized");
                return(true);
            }
            else
            {
                Tracer.WriteUserLog("CheckAccess: NOT Authorized");
                return(false);
            }
        }