Apply the atg.userprofiling.ProfileOwnerPolicy
to this Web service. This policy requires that the ProfileId
argument match the profile ID of the user who is calling the method. This behavior ensures that a password can be changed only by the person who owns the profile. For more information, see ProfileOwnerPolicy.