I assume that you refer to Shibboleth SP (the Service Provider component) and also that you will need Shibboleth IdP (an Identity Provider) to provide the actual authentication.
...And yes, it is feasible and the two methods can easily coexist.
When the user is successfully authenticated by Shibboleth SP (using the Identity Provider) it place the well-known session attributes in the HTTP request attributes and headers.
You can view the session attributes visiting:
https://your-host/Shibboleth.sso/Session
So, Inside your application you can check the presence and the value of those attributes like:
request.getAttribute("NAME_OF_THE_ATTRIBUTE_IN_SESSION")
request.getHeader("NAME_OF_THE_ATTRIBUTE_IN_SESSION")
Then, using Shibboleth attributes you can do the necessary operations to allow or deny the user authentication.
See this official wiki to understand how "Shibbolize" an Application and this for accessing attributes.
I would recommend to start reading from the start this clear and comprehensive wiki on Shibboleth SP and IdP installation and configuration.