Can I stop importing packages into the repository?

Hello. everyone

I made up three nexus repos.

If we call nexus 1, 2, 3 in order,
Nexus 1 is looking at nexus 2 and nexus 3 is looking at an external repository (https://repo1.maven.org…etc.).

user → nexus 1 → nexus 2 → nexus 3 (https://repo1.maven.org)

Here, when I request any package (maven or gradle) from nexus 1, I want to download the package from the outside through nexus 2 and 3, and then download the packages that I requested only from nexus 2 without being saved in nexus 1 repo.

Is there a way to stop when packages are downloaded to nexus 1 and packages are downloaded to nexus 2?

Now I have a proxy server, nexus 1 looks at the proxy and forwards the desired package GET request to nexus 2 through the proxy, and proxy server returns a 404 error to nexus 1.
However, there is an error in this method that cannot request the indirect dependency of the package that requests to be down together. So I left a question to find a way.

I’d appreciate your help.

Youna, I don’t quite understand what you’re trying to do. Can you clarify this part? Are you trying to download packages through nexus 1 without having them permanently stored in nexus 1, or something else?

  1. The user connects with nexus1 and requests the package (e.g., eclipse).

  2. The remote url of nexus1 becomes nexus2, the remote url of nexus2 becomes nexus 3, and the remote url of nexus3 becomes the external repository (ex. https://repo1.maven.com).

  3. Nexus1 received a package or library request from the user is delivered to Nexus2 through remote url.

  4. Nexus2 sends a request to nexus3, and because of the configuration of nexus repository, nexus 1,2,3 all have the package or library you requested saved through nexus3.

5.However, nexus1 should not store the requested package or library because the nexus I am trying to configure may have a package or library with a license or vulnerability due to internal policy. (must be stored only on nexus2 and nexus3)

As a result, the user makes a package or library request through nexus1, but the data requested by nexus1 should not be accepted directly.

This is because we need to push to nexus1 after checking if there is no problem using the package or library requested by the user in nexus2.

Is there any setting or method for this configuration?