yeah that makes sense, you can't do a RADIUS CoA from a web auth, they are different services.
but why do you want to do a web redirection? you asked about terminating a session and now this web redirection comes up, i don't see where.
can't you do the CoA on the RADIUS requests from the ASA? that is how they do it on that Cisco document and that is how I do it with similar deployments. with onguard you combine RADIUS and web auth on the whole.