Did you explicitly set the association between order and shipper? If not then it doesn't really matter that a certain shipper created it. And I wouldn't recommend querying using the owner attribute but instead use the logical association that you also set up.
Additionally, if this is a security constraint then a constraint like this does not belong on a form but in the access rules set for a certain entity in the domain model, otherwise you can easily query the application to still show all the entities.
Just to clarify this for the next one who might encounter the same issues as I did to get this approach working.
Case: You have an entity with people (customers, employees, etc) that should have the possibility to log into the program with username and password.
Go to your domain model and let the entity inherit from Administration.Account. When you create those new entities, you can log in with them. As in my case, I assume your entity that is used for log ins has a relation to another entity (e.g. a customer has 1-n orders, or an employee has 1-n customers or whatever), you want to display only the orders the customer has made that is logged in. To do that, go to the form that is creating the order. Delete the save button and create a new button based on a microflow. In the microflow, start by retrieving the customer object that has made the order (the one you are logged in with).
Retrieve by database, select your customer entity, select "First", add xPath:
[id = '[%CurrentUser%]']
Name it customer. In the next step create a change activity and change the current order object. Select the association you have made from that order to customer and the value "$customer". Now do the steps a normal save would do - commit and close the pop up form if necessary.
This microflow might also be done with an Event Handler depending on your requirements.
In your form (or, as Bas suggested, when you are in Production in your Entity Access) add
[Module.Order_Customer = '[%CurrentUser%]']
Good luck, and thanks a lot Bas!