if (subjectTO instanceof UserTO && StringUtils.isBlank(((UserTO) subjectTO).getPassword())) {
final UserTO userTO = (UserTO) subjectTO;
List<PasswordPolicySpec> ppSpecs = new ArrayList<PasswordPolicySpec>();
PasswordPolicy globalPP = policyDAO.getGlobalPasswordPolicy();
if (globalPP != null && globalPP.getSpecification() != null) {
ppSpecs.add(globalPP.<PasswordPolicySpec>getSpecification());
}
for (MembershipTO memb : userTO.getMemberships()) {
SyncopeRole role = roleDAO.find(memb.getRoleId());
if (role != null && role.getPasswordPolicy() != null