When ESCWA initializes the security facility with its configuration and security manager stack, it caches the groups that users belong to. This is to improve performance by reducing the number of security manager queries. If you subsequently delete a user from a group using ESCWA then the change will filter down to the security manager being pointed at. If you then use that user in ESCWA it will still have the group permissions that were deleted because that is still cached.
Micro Focus recommends that if you modify groups in this manner you should refresh the ESCWA cache. To refresh the ESCWA cache, click UPDATE, and then click UPDATE when prompted in the UPDATE SECURITY CONFIGURATION? dialog box.