Is there a way to implement SSO for a multi-tenancy SaaS platform using Spring Boot?

We have a requirement to implement SSO for a customer (Okta is his IdP), and we also have other clients asking for SSO (ADFS and OneLogin). All other clients' authentication will be database authentication.

So based on each client the authentication mechanism should change. Is this possible?

My application is a multi-tenant SaaS. It is deployed on AWS, and a load balancer will switch servers randomly.

We use Angular 5 and Spring Boot 2.1 for services.

How can I achieve this? Please guide.

Seena answered 14/11, 2019 at 12:33 Comment(0)

This is possible. Given that you did not give the way you identify tenants (like subdomains etc.), you will be able to infer the tenant by name as the logic below starts.

The logic is as follows:

  1. get the incoming request to a controller
  2. Identify the tenant (either through URL / UI Input)
  3. Based on the tenant identified, re-route to the tenant specific page
  4. If the user belongs to a tenant that does not have SSO (DB authentication), you can redirect to the username / password login page
  5. The controller that decides this logic will be accessible without authorization & it will need to access a database to know the authenticationType for the inferred tenant name.

Since this will be based on each request, the application will be stateless and you can use ELB as mentioned in your post without any issues.

Consult answered 11/6, 2023 at 11:24 Comment(0)
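
The routing steps in the answer above, sketched as a Spring MVC controller. This is an added example, not code from the question or the answer. The tenant names, registration ids, the `/auth/start` path and the in-memory map (a stand-in for the tenant table) are hypothetical, and it assumes the SSO tenants are wired up as OIDC client registrations in Spring Security and that the code runs on Java 9 or later.

```java
import java.util.Locale;
import java.util.Map;
import java.util.regex.Pattern;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestParam;

@Controller
public class TenantLoginController {

    enum AuthType { DATABASE, SSO }

    // Hypothetical tenant row: authentication type plus the IdP registration id.
    static final class TenantAuth {
        final AuthType type;
        final String registrationId; // null for DATABASE tenants
        TenantAuth(AuthType type, String registrationId) {
            this.type = type;
            this.registrationId = registrationId;
        }
    }

    // Constructed sample data standing in for the tenant table (step 5).
    private static final Map<String, TenantAuth> TENANTS = Map.of(
            "acme", new TenantAuth(AuthType.SSO, "acme-okta"),
            "globex", new TenantAuth(AuthType.SSO, "globex-adfs"),
            "initech", new TenantAuth(AuthType.DATABASE, null));

    private static final Pattern TENANT_NAME = Pattern.compile("[a-z0-9-]{1,63}");
    private static final String PASSWORD_LOGIN = "/login";

    // Steps 1-2: unauthenticated entry point; the tenant name is untrusted input.
    @GetMapping("/auth/start")
    public String start(@RequestParam("tenant") String tenant) {
        return "redirect:" + resolveLoginPath(tenant);
    }

    // Steps 3-4: choose the login path from the stored record only.
    static String resolveLoginPath(String tenant) {
        String key = tenant == null ? "" : tenant.trim().toLowerCase(Locale.ROOT);
        if (!TENANT_NAME.matcher(key).matches()) {
            return PASSWORD_LOGIN; // malformed name: never echoed into a redirect
        }
        TenantAuth auth = TENANTS.get(key);
        if (auth == null || auth.type == AuthType.DATABASE) {
            return PASSWORD_LOGIN; // unknown tenants look like password tenants
        }
        // Spring Security's default OAuth2/OIDC login entry point (assumes OIDC).
        return "/oauth2/authorization/" + auth.registrationId;
    }
}
```

Because the redirect target is built only from the stored record, request input cannot steer the browser to an arbitrary URL, and the handler keeps no session state, so any instance behind the load balancer can serve it.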
