Question

I'm successfully logging into my Service Provider test page with Shibboleth. I then go to the /Shibboleth.sso/Session page and I see the following:

Attributes
affiliation: 1 value(s)
entitlement: 1 value(s)
eppn: 1 value(s)
persistent-id: 1 value(s)
unscoped-affiliation: 1 value(s)

My question is... how do I go about reading these values? I don't see them in the HTTP Request header in Fiddler.

My web application will be implemented in ASP.NET MVC 4 (C#).


Solution 2

You can read Shibboleth SAML attributes sent by the IdP using the Request.ServerVariables object:

string server = Request.ServerVariables["HTTP_FIRSTNAME"];

See this if you want to list and print all the attributes in session.

Remember to configure Shibboleth attribute-map.xml to handle the custom attributes your IdP may send:

<Attribute name="firstname" id="firstname" nameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
    <AttributeDecoder xsi:type="StringAttributeDecoder"/>
</Attribute>
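
Reading every value of an attribute, as an added example that is not part of the original answer: it assumes IIS exposes each mapped attribute id as an HTTP_ server variable (upper-cased, hyphens as underscores) and that the SP joins multiple values with ';', escaping a literal ';' as '\;'. ShibAttributes and Read are hypothetical names, and the sample values are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Collections.Specialized;
using System.Text;

// Added example; ShibAttributes and Read are hypothetical names.
public static class ShibAttributes
{
    // Maps an attribute-map.xml id such as "persistent-id" to the server
    // variable "HTTP_PERSISTENT_ID" (assumed convention) and returns all values.
    public static IList<string> Read(NameValueCollection serverVars, string id)
    {
        string key = "HTTP_" + id.Replace('-', '_').ToUpperInvariant();
        string raw = serverVars[key];
        var values = new List<string>();
        // Empty result: the IdP did not release the attribute, or
        // attribute-map.xml has no mapping for it.
        if (string.IsNullOrEmpty(raw)) return values;

        // Split on unescaped ';' and turn the escape "\;" back into ';'.
        var current = new StringBuilder();
        for (int i = 0; i < raw.Length; i++)
        {
            bool escaped = raw[i] == '\\' && i + 1 < raw.Length && raw[i + 1] == ';';
            if (escaped) { current.Append(';'); i++; }
            else if (raw[i] == ';') { values.Add(current.ToString()); current.Clear(); }
            else { current.Append(raw[i]); }
        }
        values.Add(current.ToString());
        return values;
    }

    public static void Main()
    {
        // Constructed sample standing in for Request.ServerVariables.
        var vars = new NameValueCollection
        {
            { "HTTP_AFFILIATION", "member@example.org;staff@example.org" },
            { "HTTP_ENTITLEMENT", "urn:example:entitlement:a\\;b" }
        };
        Console.WriteLine(string.Join(" | ", Read(vars, "affiliation")));
        Console.WriteLine(string.Join(" | ", Read(vars, "entitlement")));
    }
}
```

In a controller action, pass Request.ServerVariables as the first argument in place of the constructed collection.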

Other tips

You can also set showAttributeValues to true in the Session handler in shibboleth2.xml. Note, this is not recommended in a production environment. Then restart the shibboleth service; the Attributes section of the Session page will include the actual values.

<!-- Session diagnostic service. -->
<Handler type="Session" Location="/Session" showAttributeValues="true"/>

Since you mentioned Fiddler, I'll go ahead and add (years after the question) that there is a really nice Firefox browser add-on called "SAML tracer". (Just search for "saml tracer" and you'll find the Mozilla add-ons page for it.) Once installed in Firefox, you can open its window and it will show all HTTP requests and responses. If anything has SAML in it, it will indicate that with a "SAML" tag next to the URL; then you can click on that URL, choose the "SAML" tab, and read all of the SAML that was sent between the IdP or SP and your browser. It's a really great in-line troubleshooting tool, so you don't have to mess with anything on the SP and/or IdP (or even have access to them).

License: CC-BY-SA with attribution
Not affiliated with StackOverflow