You can't access the back-end datastore with an unauthenticated EntityManager unless it knows it's a server-side EntityManager. The EntityManager that's passed into the Login() method is a server-side one, but it lacks the static EntityQuery properties (e.g., em1.Users) that your specialized EntityManager type (e.g., DomainModelEntityManager) includes. So you have a couple of choices:
1. Use the ExecuteQuery<T>() method on the provided EntityManager to execute your query, or
2. Create a specialized DomainModelEntityManager using the constructor that takes another EntityManager as a parameter, and forward the one passed to Login().
DomainModelEntityManager manager = new DomainModelEntityManager(pManager);
Then you can use invoke the manager.Users property.
My guess is that in v3 you used (directly) the PersistenceManager that was passed into Login().
For reference, here's some commented code from my own from my implementation of IEntityLoginManager.Login() that spells it all out:
public IPrincipal Login(ILoginCredential pCredential, EntityManager pManager) {
// pManager is a server-side EntityManager and is authorized to access the
// back-end data stores without authentication. However, it contains none of the
// convenient EntityQuery<T> properties -- e.g., em.Users -- that are included
// with its specialized offspring, the DomainModelEntityManager. Therefore
// to use it to retrieve data, you must go through its ExecuteQuery() methods:
//
// pManager.ExecuteQuery<User>(new EntityQuery<User>().Where(u => u.UserName == pUserName));
//
// Alternatively, you can get a specialized DomainModelEntityManager for use,
// but you must obtain it as follows:
DomainModelEntityManager manager = new DomainModelEntityManager(pManager);
// Creating your new EntityManager using the credentials of the existing
// server-side one results in another server-side EntityManager. It therefore also
// permits access to the backend datastore without authentication. As a bonus, it also
// excludes the client-server communications overhead that a client-side
// EntityManager normally carries.
//
// Two things that don't work:
//
// 1. Direct casting of the passed-in EntityManager:
//
// DomainModelEntityManager manager = (DomainModelEntityManager)pManager;
//
// 2. Creation of a new DomainModelEntityManager using the parameterless constructor:
//
// DomainModelEntityManager manager = new DomainModelEntityManager();
//
// In the first case, the cast simply fails. In the second, you get a normal (client-side)
// DomainModelEntityManager that doesn't permit data retrieval from the back-end
// data sources without authentication.
Regards,
Greg