I'm using the example in the doc http://docs.oracle.com/cd/E10390_01/doc/search.1018/b32515/oracle/search/query/webservice/client/OracleSearchService.html. I would like to create a customized search. However, I am facing problems because the API requires that I inform the user password. In this case, how can I perform the search without entering the password? Theoretically authentication has been performed by an SSO, and if so, how could I tell that to the API?
If your application knows for sure that the user has been correctly authenticated by an external mechanism, then you should use the "proxy login" feature to run queries on behalf of that user.
Proxy login relies on a shared secret between your application and the SES server. This is implemented via Federation Trusted Entities in the Global Settings. The proxy login name is the entity name, and the password is either entered directly in the Trusted Entities page, or looked up via the identity plugin, if that option is chosen on the Trusted Entities page.