Apply the atg.userprofiling.ProfileOwnerPolicy to this Web service. This policy requires that the ProfileId argument match the profile ID of the user who is calling the method. This behavior ensures that a password can be changed only by the person who owns the profile. For more information, see ProfileOwnerPolicy.
