When the remote of a proxy repository returns an HTTP 401 response Nexus will return an HTTP 503 response through the proxy repository.
This error response will break a build. Historically, we have always returned 404 for this case, while (of course) logging clearly why the 404 was returned.
Note that Artifactory repositories have a setting that can be enabled which causes them return 401 rather than 404 for items that don't exist on the remote. This is security through obscurity, so it is debatable whether this is a good idea. But the fact remains there are public Artifactory instances with this setting enabled, such as this one:
Note this also applies to Dockerhub
Expected: We should not break a build unnecessarily by returning an error response when not necessary. In general we can't know if the 401 response from the remote of a proxy is expected or not, so we should be be conservative and not return an error response. We should return a 404