Apply the atg.userprofiling.ProfileAsXMLOwnerPolicy to this service. This security policy verifies that the user associated with the current session matches the user whose profile is being updated. The functional name (xmlProfileOwnerOperation) differs from the profileOwnerOperation used by other services that are based on profile ownership because the security argument in this service is a Repo2Xml item rather than a profile ID. For more information, see ProfileAsXMLOwnerPolicy.
