Greetings!
When configuring access methods for switch management access, the 'aaa authentication <feature>' commands provide the ability to configure both a primary and secondary authentication method. If you'd like RADIUS to be the primary method and local username/password to be the secondary, you would use the following commands (these cover console/SSH login and enable access, as well as access to the Web UI):
switch(config)# aaa authentication console login radius local
switch(config)# aaa authentication console enable radius local
switch(config)# aaa authentication ssh login radius local
switch(config)# aaa authentication ssh enable radius local
switch(config)# aaa authentication web login radius local
switch(config)# aaa authentication web enable radius local
You can find more background info and suggestions in the ArubaOS-Switch Hardening Guide, as well as the Access Security Guide.