if (subjectTO instanceof UserTO && StringUtils.isBlank(((UserTO) subjectTO).getPassword())) {
final UserTO userTO = (UserTO) subjectTO;
List<PasswordPolicySpec> ppSpecs = new ArrayList<PasswordPolicySpec>();
PasswordPolicy globalPP = policyDAO.getGlobalPasswordPolicy();
if (globalPP != null && globalPP.getSpecification(PasswordPolicySpec.class) != null) {
ppSpecs.add(globalPP.getSpecification(PasswordPolicySpec.class));
}
for (MembershipTO memb : userTO.getMemberships()) {
SyncopeRole role = roleDAO.find(memb.getRoleId());
if (role != null && role.getPasswordPolicy() != null