[BUGFIX] Fix functional tests with security and sendWebRequest
This change fixes some security related aspects of the functional
base testcase. Field visibility and method visibility is restored
to protected since custom tests need to be able to call some
of the dependencies (e.g. to initialize or reset additional test
providers). Also sendWebRequest is working again with the new
request implementation and without mocks.