User impersonation now fails

This Java action code was working, then it stopped after a recent Mendix upgrade (not sure which one): ``` // This file was generated by Mendix Studio Pro. // // WARNING: Only the following code will be retained when actions are regenerated: // - the import list // - the code between BEGIN USER CODE and END USER CODE // - the code between BEGIN EXTRA CODE and END EXTRA CODE // Other code you write will be lost the next time you deploy the project. // Special characters, e.g., é, ö, à, etc. are supported in comments. package commonutilities.actions; import java.util.UUID; import javax.servlet.http.HttpServletResponse; import com.mendix.core.Core; import com.mendix.systemwideinterfaces.core.IContext; import com.mendix.systemwideinterfaces.core.ISession; import com.mendix.systemwideinterfaces.core.IUser; import com.mendix.webui.CustomJavaAction; /**  * Force login as another user using only their username.  This is intended only as an admin function, or possibly if the user requests to remember them on their own machine.  */ public class Impersonate extends CustomJavaAction {     private java.lang.String username;     public Impersonate(IContext context, java.lang.String username)     {         super(context);         this.username = username;     }     @java.lang.Override     public java.lang.Boolean executeAction() throws Exception     {         // BEGIN USER CODE                  IUser user = Core.getUser(getContext(), username);         var rResponse = this.context().getRuntimeResponse();         var response = rResponse.isPresent() ? rResponse.get() : null;                   //unknown user?         if (user == null) {             return false;         } else {                          //known user                          UUID currentSessionId = this.getContext().getSession().getId();             ISession session = Core.initializeSession(user, currentSessionId.toString());                          // session initialized, make sure the user (browser) knows about it through cookies             if (session != null) {                 if (response != null) {                     /** create cookies and redirect: String key, String value, String path, String domain, int expiry */                     response.addCookie("XASSESSIONID", session.getId().toString(), "/", "", -1);                     response.addCookie("XASID", "0."+String.valueOf(Core.getXASId()),"/", "", -1);                     Core.getLogger("LoginHelper").info("User '" +username + "' has been authenticated.");                     // redirect the user to the index.html, now with session cookie                     response.setStatus(HttpServletResponse.SC_SEE_OTHER);                     response.addHeader("location", "..");                 }                 return true;             }             else {                 return false;             }                      }                  // END USER CODE     }     /**      * Returns a string representation of this action      */     @java.lang.Override     public java.lang.String toString()     {         return "Impersonate";     }     // BEGIN EXTRA CODE     // END EXTRA CODE } ``` (I did not create the original code, it was here: https://forum.mendixcloud.com/link/questions/7637) I just took a username and assume their identity for testing and support purposes.  Again, this WAS working, then Mendix changed something and broke it, and I’m not sure what.  Any ideas?   The error I’m getting now (from a project that was working and had NO changes) is this: com.mendix.modules.microflowengine.MicroflowException: com.mendix.systemwideinterfaces.MendixRuntimeException: com.mendix.core.objectmanagement.SecurityRuntimeException: Write access denied for member 'FailedLogins' of object 'Administration.Account' at Configurations.ImpersonateAccount (JavaAction : 'Impersonate') Advanced stacktrace: at com.mendix.modules.microflowengine.MicroflowUtil.processException(MicroflowUtil.java:152) Caused by: com.mendix.core.CoreRuntimeException: com.mendix.systemwideinterfaces.MendixRuntimeException: com.mendix.core.objectmanagement.SecurityRuntimeException: Write access denied for member 'FailedLogins' of object 'Administration.Account' at com.mendix.basis.actionmanagement.ActionManagerBase.executeSync(ActionManagerBase.java:156) Caused by: com.mendix.systemwideinterfaces.MendixRuntimeException: com.mendix.core.objectmanagement.SecurityRuntimeException: Write access denied for member 'FailedLogins' of object 'Administration.Account' at com.mendix.util.classloading.Runner.doRunUsingClassLoaderOf(Runner.java:36) Caused by: com.mendix.core.objectmanagement.SecurityRuntimeException: Write access denied for member 'FailedLogins' of object 'Administration.Account' at com.mendix.basis.objectmanagement.MendixObjectMemberImpl.checkWriteAccess(MendixObjectMemberImpl.java:155) at com.mendix.basis.objectmanagement.MendixObjectMemberImpl.setValue(MendixObjectMemberImpl.java:233) at com.mendix.basis.objectmanagement.MendixObjectImpl.setValue(MendixObjectImpl.java:196) at com.mendix.basis.objectmanagement.MendixObjectImpl.setValue(MendixObjectImpl.java:185) at com.mendix.basis.session.User.setFailedLogins(User.java:241) at com.mendix.basis.session.User.loginSuccessful(User.java:310) at com.mendix.basis.session.SessionManagerBase.initializeSession(SessionManagerBase.java:58) at com.mendix.basis.component.InternalCoreBase.initializeSession(InternalCoreBase.java:640) at com.mendix.basis.component.InternalCoreBase.initializeSession(InternalCoreBase.java:101) at com.mendix.core.Core.initializeSession(Core.java:1554)