When ESCWA initializes the security facility with its configuration and security manager stack, it caches the groups that users belong to. This is to improve performance by reducing the number of security manager queries. If you subsequently delete a user from a group using ESCWA then the change will filter down to the security manager being pointed at. If you then use that user in ESCWA it will still have the group permissions that were deleted because that is still cached.
Micro Focus recommends that if you modify groups in this manner you should reinitialize the ESCWA cache. To reinitialize the ESCWA cache, click Reinitialize, and then click Renew when prompted in the Reinitialize Security Configuration dialog box.