I am not sure how else you could accomplish this other than using a proxy at this time until we have anonymous access.
You mentioned that is not possible in this scenario. Why is that? You should be able to inject a different authorization header based on the path or some factor to account for these different instances.
Apache, Apache Lucene, Apache Hadoop, Hadoop, HDFS and the yellow elephant
logo are trademarks of the
Apache Software Foundation
in the United States and/or other countries.