We are updating our Advanced Authentication from AA 9.1.0.79( Base 9.1 version ) to 9.1 SP3. 

What changes are required for the adapter on the Siteminder policy servers as part of this upgrade?

What changes are required for the database as part of this upgrade?

Release : 9.1

Component : Risk Authentication

Below are the documents which talks about the changes from 9.1 version which you have till 9.1SP3. You can refer the new features and defect fixes list just to be aware what has been done.

• Fixed Issues in Advanced Authentication
• New Feature and Enhancements in Advanced Authentication

With respect to Adapter( ArcotAFM, ArcotSM, AdapterSHIM for Siteminder) upgrade from 9.1 to 9.1SP3, you can get the new files for StateManager and Adaptershim from 9.1SP3 environment but if you wish to leave the ArcotAFM as it is that will be fine too, basically if you have ArcotAFM customized then you have to rebuild the war with 9.1SP3 jar files and make sure that works but it is recommended to be on same version for all the components.

You can refer this Upgrade documentation for upgrade from 9.1 to 9.1SP3 version.

Upgrade to 9.1SP3 for Advanced Authentication

9.1SP3 contains some new features and with respect to changes, it has the fix for log4j vulnerability and not much on Adapter side has been done.