OWE gives you wireless encryption without authentication, and the Splash page gives you authentication without wireless encryption. Combining both leaves you individually vulnerable to attacks on the other. An attacker on the wireless side can still make himself a MitM to interact with the wireless data in cleartext form. If it is for internal users (as you are talking about AD login), implementing 802.1X is the only secure way to combine both.
... View more
