Can I use Keycloak and tomcat for secondary authentication provider?

Is there a way to use keycloak and tomcat to provide a secondary authentication provide? IE, Keycloak saml adaptor authentication fails and then user is prompted for authentication against an AD LDAP authentication provider?

Thankx for any an all ideas