Status Code:401 Authorization Required
Authorization:Digest username="gjggj", realm="apps", nonce="75602afa895d26f9796f3c9174cf83f3", uri="/misc/apps/", algorithm=MD5, response="9e113b10d3e95b590bdef0fc7c7c617b", qop=auth, nc=00000001, cnonce="61f73b73f6b33ea2"
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.17 (KHTML, like Gecko) Chrome/24.0.1312.57 Safari/537.17
Date:Wed, 13 Feb 2013 11:07:26 GMT
Server:Cherokee/1.0.8 (Debian GNU/Linux)
WWW-Authenticate:Digest realm="apps", nonce="75602afa895d26f9796f3c9174cf83f3", qop="auth", algorithm="MD5"
So I'd say the way to deal with a 407 authorization failure is for the server to respond with a 407 status code despite the fact that the browser has sent authorization information; this shows that the authorization is still needed with the proxy, and implies that there was an authorization failure simply because you're still getting a 407 status code.
Well, if there is an authorization failure for a 401-protected resource, the server simply responds with another 401:
Yes. This answers all the questions. Thanks!