I have been struggling to find out what the best approach is for this task. I am wanting to hide the existence of different directories and endpoints (e.g. /admin, /resources), and want to do so by returning 404 instead of 403.
I attempted to do so by implementing a Grails filter which would replace 403s with 404s; however, that did not seem to work. What would be the best approach to tackle this problem?
Constraint based security (likely what your `/admin` and `/resources` endpoints are secured with) is applied before the request is dispatched. That's why your filter didn't work.
Unfortunately, you cannot have the endpoints defined with security also return 404, as that will break the authentication / authorization behaviors declared in HTTP. (You will break many HTTP clients by returning 404 instead of 403. Those same clients will not send the follow-up authentication details if the request returns 404.)
You could, instead, have `/admin` on a different port.
Example: use a named ServerConnector (let's call it `admins`), then create a new Context, and have that context be assigned to the named ServerConnector via the virtual hosts configuration (use `@admins` as the virtualhost) on that context.
As for your `/resources` directory, if it's served from Jetty, turn off directory listings, and set an empty welcome list. (Alternately, if `/resources` is served from Jetty's `DefaultServlet`, then use the init-param `welcomeServlets` set to true to have the "welcome" sent to your own 404 servlet.)
An alternate approach.
Use a custom Jetty `Handler` positioned in the server Handler tree BEFORE your `ServletContextHandler` (or `WebAppContext`, it depends on your project).
Have that handler look for the specific request URLs that have meaning to you and return 404 before your context even has a chance to see it.
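The "alternate approach" from the answer above, written out as an added example (not code from the answer or from Jetty itself): a `HandlerList` puts a small `AbstractHandler` ahead of the `ServletContextHandler`, so requests for the hidden prefixes get a 404 before any context, and therefore any security constraint, can turn them into a 403. The class name, port, and the hidden prefix list are assumptions; it assumes Jetty 9.x with the jetty-server and jetty-servlet artifacts on the classpath.

```java
import java.io.IOException;
import java.util.Arrays;
import java.util.List;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.server.handler.HandlerList;
import org.eclipse.jetty.servlet.ServletContextHandler;

public class HidePathsExample { // hypothetical class name
    // Answers 404 for the configured prefixes before any context (and its security constraints) runs.
    static class HiddenPathHandler extends AbstractHandler {
        private final List<String> hiddenPrefixes;

        HiddenPathHandler(List<String> hiddenPrefixes) { this.hiddenPrefixes = hiddenPrefixes; }

        // Match the prefix itself or anything below it, but not e.g. /administrator
        static boolean isHidden(String target, List<String> prefixes) {
            for (String p : prefixes) {
                if (target.equals(p) || target.startsWith(p + "/")) return true;
            }
            return false;
        }

        @Override
        public void handle(String target, Request baseRequest, HttpServletRequest request,
                           HttpServletResponse response) throws IOException, ServletException {
            if (isHidden(target, hiddenPrefixes)) {
                response.sendError(HttpServletResponse.SC_NOT_FOUND);
                baseRequest.setHandled(true); // stops the HandlerList; the context never sees the request
            }
        }
    }

    public static void main(String[] args) throws Exception {
        Server server = new Server(8080); // assumed port
        ServletContextHandler context = new ServletContextHandler(ServletContextHandler.SESSIONS);
        context.setContextPath("/");
        // Order matters: the hiding handler must sit BEFORE the context in the handler tree.
        HandlerList handlers = new HandlerList();
        handlers.addHandler(new HiddenPathHandler(Arrays.asList("/admin", "/resources"))); // assumed list
        handlers.addHandler(context);
        server.setHandler(handlers);
        server.start();
        server.join();
    }
}
```

As written, the hidden paths are unreachable for everyone on this connector, so if administrators still need `/admin`, combine this with the separate named connector and `@admins` virtual host described earlier in the answer.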