Hi Darren,
should be no problem, using double authentication:
aaa-server myLDAP protocol ldap
...
aaa-server myRSA protocol sdi
...
tunnel-group foo general-attributes
authentication-server-group myRSA
secondary-authentication-server-group myLDAP [use-primary-username]
This will prompt for 2 usernames & 2 passwords, unless you add "use-primary-username" but I guess in your case you do need 2 different usernames.
hth
Herbert