TYPO3.Flow

After recent changes (and as far as I can see the issue occurs in alpha-11, too), user authentication with Security Framework does not work any more.

Exception #1222204027:
Authentication failed: "Could not authenticate any token. Might be missing or wrong credentials or no authentication provider matched."

Submitted data (username and password) are correct (see further information about name of input-tag below).
PHP Suhosin is active but configured to accept 128 characters for POST names (these settings worked in the past):

suhosin.post.max_name_length = 128
suhosin.request.max_varname_length = 128

Fluid template contains the following <input...> tag naming:

DOES NOT WORK (as in older FLOW3 version before revision r5005)
F3\FLOW3\Security\Authentication\Token\UsernamePassword::username
F3\FLOW3\Security\Authentication\Token\UsernamePassword::password

DOES NOT WORK (as in FLOW3-1.0.0-alpha11)
F3.FLOW3.Security.Authentication.Token.UsernamePassword.username
F3.FLOW3.Security.Authentication.Token.UsernamePassword.password

It also does not work if keywords are shortened (this proves that Suhosin or the length is not the issue) as follows.

DOES NOT WORK (< 64 characters)
F3.FLOW3.Security.Authentication.Token.UsernamePassword.user

("user" instead of "username" => string length 60 characters)

If I change FLOW3 core file Packages/Framework/FLOW3/Classes/Security/Authentication/Token/UsernamePassword.php as follows (and naming of the input tag in Fluid templates as well) - it works:

Method updateCredentials()

$username = \F3\FLOW3\Reflection\ObjectAccess::getPropertyPath($postArguments, 'username');
$password = \F3\FLOW3\Reflection\ObjectAccess::getPropertyPath($postArguments, 'password');

Possibly a side effect of revision r5005 and/or issue #6315.