The Bonsai Framework also provides a pre-packaged portable and secured version of Tomcat. This document outlines the hardening steps taken.
The steps begin with a tar.gz version of Tomcat from the Apache website and start in the root directory of Tomcat. For example,
tar -xvpf apache-tomcat-6.0.32.tar.gz
cd apache-tomcat-6.0.32
This document is for reference. To get up and started, go ahead and download Bonsai Framework Tomcat 6.0.32.
Remove Unnecessary Files
Delete sample applications,
cd webapps
rm -rf docs examples
We recommend against using the Manager application,
# You should still be in the webapps directory
rm -rf host-manager manager
cd ..
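A check that the removals above actually took effect, written as an added example and not part of the Bonsai Framework package. It goes a little beyond the text by also looking for a WAR file or a context descriptor with the same name, since Tomcat can deploy an application from either; the function name audit_tomcat_leftovers and the script name audit.sh are hypothetical.

```shell
#!/bin/sh
# Added example: report anything that can still deploy the removed apps.
# Tomcat deploys from an unpacked directory or a .war file under webapps/,
# and from a context descriptor under conf/Catalina/localhost/ (the default
# engine and host names), so each app is checked in all three places.
APPS="docs examples host-manager manager"

# Prints "LEFTOVER <path>" per finding. Returns 0 if clean, 1 if anything
# remains, 2 if the argument does not look like a Tomcat root directory.
audit_tomcat_leftovers() {
    root=$1
    [ -d "$root/webapps" ] || { echo "not a Tomcat root: $root" >&2; return 2; }
    found=0
    for app in $APPS; do
        for p in "$root/webapps/$app" \
                 "$root/webapps/$app.war" \
                 "$root/conf/Catalina/localhost/$app.xml"; do
            # -e follows symlinks, so also test -L to catch dangling links
            if [ -e "$p" ] || [ -L "$p" ]; then
                echo "LEFTOVER $p"
                found=1
            fi
        done
    done
    return "$found"
}

if [ $# -gt 0 ]; then
    # Usage: sh audit.sh /path/to/apache-tomcat-6.0.32
    audit_tomcat_leftovers "$1"
else
    # No argument: run against a constructed tree, not a real installation.
    demo=$(mktemp -d)
    mkdir -p "$demo/webapps/ROOT" "$demo/webapps/manager"
    : > "$demo/webapps/docs.war"
    audit_tomcat_leftovers "$demo" || echo "constructed tree has leftovers"
    rm -rf "$demo"
fi
```

The non-zero exit status on any finding lets the check gate a packaging or deployment step.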
http://www.cisecurity.org/resources-publications/
https://www.owasp.org/index.php/Securing_tomcat
...
References
http://blogs.mulesoft.org/is-your-tomcat-secure/ - looks like a good lead.