Apply the atg.userprofiling.ProfileAsXMLOwnerPolicy
to this service. This security policy verifies that the user associated with the current session matches the user whose profile is being updated. The functional name (xmlProfileOwnerOperation
) differs from the profileOwnerOperation
used by other services that are based on profile ownership because the security argument in this service is a Repo2Xml
item rather than a profile ID. For more information, see ProfileAsXMLOwnerPolicy.