802.1X is a layer 2 authentication method. DHCP Fingerprinting is a layer 3 task, DHCP collector will profile the device by looking into DHCP Discover, request packet.
Before ClearPass profile the device, policy server would have assigned the policy, client would have got VLAN.
To over come this, you could define a policy in such a way that. When device connect to 802.1x SSID first time and authenticate succesfully(client will get an IP address and it will be profiled), bounce its interface and force client to reauthenticate.
Next time time when he connect to Secure SSID(attached enforcement policy as an example), he will get a appropreate VLAN based on device type and policy configured. (ClearPass would have collected device information when client got connected first time)
You better contact Aruba ClearPass system engineer to design policy based on your requirement.