No, because mod_auth_kerb is a plugin to the Apache web server, not
Tomcat.
There are ways to integrate the Kerberos authentication mechanism in an Apache+Tomcat environment, but they're not very pretty and in some cases you might actually need to change the default internal security settings on each person's web browser. It's not a task to be undertaken lightly.
For less extreme measures, you can use the LDAP Tomcat realm to authenticate against Active Directory. In its basic form, you're using the user's Windows userID and password to sign into each webapp separately. By adding some extra support services, you can share the signon so that the user signs on to a single Tomcat app and all other apps in that server or its domain automatically become authenticated as well.
In the Kerberos method, since you had to signon to Windows to start using the machine, the user is already identified and authenticated, so webapps hooked into that framework don't need to be logged into separately.
Note that a single-signon solution isn't always a good thing. If a single signon automatically hooks you into everything, leaving your desktop unguarded means anyone who wanders by can get instant access to everything. And, it makes it very difficult if you have multiple user accounts on your apps for any reason (for example, you have a special app admin login and a regular account login).