To give you the structure, without actual code.

1. Use scp to copy your install/setup script to the target box.
2. Use ssh to invoke your script on the remote box.

Well, for step 1 and 2 isn't there a tomcat manager web interface; you could script that with curl or zsh with the libwww plug in.

For SSH you're looking to: 1) not get prompted for a password (use keys) 2) pass the command(s) on SSH's commandline, this is similar to rsh in a trusted network.

Other posts have shown you what to do, and I'd probably use sh too but I'd be tempted to use perl like ssh tomcatuser@server perl -e 'do-everything-on-one-line;' or you could do this:

either scp the_package.tbz tomcatuser@server:the_place/.
ssh tomcatuser@server /bin/sh <<\EOF
define stuff like TOMCAT_WEBAPPS=/usr/local/share/tomcat/webapps
tar xj the_package.tbz or rsync rsync://repository/the_package_place
mv $TOMCAT_WEBAPPS/old_war $TOMCAT_WEBAPPS/old_war.old
mv $THE_PLACE/new_war $TOMCAT_WEBAPPS/new_war
touch $TOMCAT_WEBAPPS/new_war [you don't normally have to restart tomcat]
mv $THE_PLACE/vhost_file $APACHE_VHOST_DIR/vhost_file
$APACHECTL restart [might need to login as apache user to move that file and restart]
EOF

Just read a new blog using setsid without any further installation/configuration besides the mainstream kernel. Tested/Verified under Ubuntu14.04.

While the author has a very clear explanation and sample code as well, here's the magic part for a quick glance:

#----------------------------------------------------------------------
# Create a temp script to echo the SSH password, used by SSH_ASKPASS
#----------------------------------------------------------------------
SSH_ASKPASS_SCRIPT=/tmp/ssh-askpass-script
cat > ${SSH_ASKPASS_SCRIPT} <<EOL
#!/bin/bash
echo "${PASS}"
EOL
chmod u+x ${SSH_ASKPASS_SCRIPT}

# Tell SSH to read in the output of the provided script as the password.
# We still have to use setsid to eliminate access to a terminal and thus avoid
# it ignoring this and asking for a password.
export SSH_ASKPASS=${SSH_ASKPASS_SCRIPT}
......
......
# Log in to the remote server and run the above command.
# The use of setsid is a part of the machinations to stop ssh 
# prompting for a password.
setsid ssh ${SSH_OPTIONS} ${USER}@${SERVER} "ls -rlt"

Have you looked at things like Puppet or Cfengine. They can do what you want and probably much more.

I'm not sure if this method will work for everything that you want, but you can try something like this:

$ cat your_script.sh | ssh your_host bash

Which will run the script (which resides locally) on the remote server.

You can try paramiko. It's a pure-python ssh client. You can program your ssh sessions. Nothing to install on remote machines.

See this great article on how to use it.