I am familiar with the Apereo CAS Client, that project has an AssertionThreadLocalFilter that allows one to access the principal without having direct access to the web tier session.

org.jasig.cas.client.validation.Assertion assertion = org.jasig.cas.client.util.AssertionHolder.getAssertion();
org.jasig.cas.client.authentication.AttributePrincipal principal = assertion.getPrincipal();