Under a normal deployment type (for instance with an Aruba controller or IAP), it's the network device that converts the web login to a RADIUS which it then sends to Clearpass (which you could then proxy).
If a user is looking directly at a Clearpass page, the Clearpass would have to understand something about how the user got there and what to do next.
I.e. when a user types in details, think about how you expect the Clearpass to know how we got to this point and where the "LANSwitch" is with which we need to communicate. AND, when the details are entered (assuming Clearpass knows the switch involved), what should it send back to that switch to tell it the user is "ok" and can now be treated differently.
So, when you say "LANSwitch", what manufacturer and product model is the user connected to (you'd have to understand this to model it)? And how specifically does this device redirect the user in your scenario? Futhermore, if you're talking COA, this would assume the network device is involved in a RADIUS conversation with Clearpass in the first place. So how is it doing that (protocol, feature, maybe like Cisco WCCP)?