I am currently trying to do something similar. I think you need a new feature to be supported in Junos called 'port-bounce'. This is where the RADIUS server sends a COA (Change of Authorization) message to the switch that changes the VLAN and also bounces the port to force a new DHCP request.
Apparently no config is required on the switch, but the feature was only implemented in 17.3 on an EX4300 (what I am using - not sure about your switch). So you may want to look at Pathfinder.juniper.net to see if you need new Junos. Here is some info:
The other thing you need is for the Port-Bounce RADIUS VSA to be sent by the RADIUS server. Our server does not have this in the juniper.dct file, so it is unable to send it. Unfortunately I have also been unable to find a new juniper.dct dictionary anywhere.
We use Pulse Policy Secure for this, and I was considering modifying the juniper.dct file to include the new VSA, but don't know what the attribute value should be. If you find out, do let me know!
Good luck.
Andy