Users are synced with the application even if they don't have permissions to login

Users that does not have permission to login to applications appear in their people directories.

How to replicate the issue:

In Crowd side:

1) Setup a crowd 2.8.x
2) Create "usera" and "userb" in Crowd internal directory
3) Create "groupa" and "groupb" in Crowd internal directory
4) Place the "usera" inside the "groupa" and "userb" inside "groupb" in Crowd
5) Create a Confluence application in Crowd
6) Place the Crowd internal directory in the Confluence application
7) Allow just the "groupa" access to Confluence in Crowd UI

In Confluence side:

8) Go to the administration -> user directories and create a Crowd user directory there
9) Configure the new directory to access the Confluence application setup in Crowd previously
10) Sync Confluence with the new Crowd user directory

Actual behavior

• Confluence shows all users in the people directory ("usera" and "userb") even the ones that doesn't have access to the application in Crowd UI. Crowd transfer all users from the configured directories, no matter if they have access to the application or not.

Expected Behavior:

• Confluence would sync just the allowed users in Crowd ("groupa" and "usera"). When going to the people directory in Confluence, just the "usera" should appear.