I am planning to use the Shibboleth SSO Service Provider in my application, which is explained here. It is mentioned, that after a successful login, user information can be
"read from the webserver environment, e.g. within PHP".
According to the documentation of mod_proxy_ajp:
Environment variables whose names have the prefix AJP_ are forwarded to the origin server as AJP request attributes (with the AJP_ prefix removed from the name of the key).
So assuming you configure your Shibboleth SP to decode a SAML Attribute as the webserver environment variable "mail", in your application code you can get the value by using