Apache Avalon: Products
Home PlanetProductsCentral
Avalon Download Site

Use the links below to download a binary distribution of Avalon from one of our mirrors. It's a good idea to verify the integrity of the downloaded files using signatures downloaded from our main distribution directory (see below).

Avalon is distributed as zip and tar.gz archives - the contents are the same. Please note that the tar.gz archives contain file names longer than 100 characters and have been created using GNU tar extensions. They must be untarred with a GNU compatible version of tar.

If you do not see the file you need in the links below, please see the master distribution directory or, preferably, its mirror.


You are currently using the [preferred]. If you encounter a problem with this mirror, please select another mirror. If all mirrors are failing, there are backup mirrors (at the end of the mirrors list) that should be available.

Other mirrors:


All avalon products are distributed under the terms of The Apache Software License (version 2.0). See our License page, or the LICENSE.txt files included in each distribution.

Jar Repository

All Avalon jars can also be found in the repository for use with Maven and other repository-aware applications.

Product Downloads

This is only a list of the most commonly requested distributions. You can browse the repository for a full range of our various software distributions, including older versions.

Legacy Material
Product Binary Source Jars
Avalon Fortress binaries browse jars
Avalon Phoenix binaries browse jars

The latest Excalibur and Fortress releases can now be found at the Excalibur Project.

Phoenix development has been continued in the Loom project.

Verify Releases

It is essential that you verify the integrity of the downloaded files using the PGP or MD5 signatures.

The PGP signatures can be verified using PGP or GPG. First download the KEYS as well as the asc signature file for the particular distribution. Make sure you get these files from the main distribution directory, rather than from a mirror. Then verify the signatures using

% pgpk -a KEYS
% pgpv name-of-distributed-file.tar.gz.asc


% pgp -ka KEYS
% pgp name-of-distributed-file.tar.gz.asc


% gpg --import KEYS
% gpg --verify name-of-distributed-file.tar.gz.asc