Hello all. First-time post. I'm a developer in the Sakai community, writing support to use Sakai as a calendar client for Zimbra.

All my manipulation of Zimbra calendars is through http CalDAV requests. I have a need to set up CalDAV ACLs on certain calendars.

I am having trouble specifying individuals to grant or deny privileges on. I can successfully set a privilege for all authenticated users with a request like this:
Code:
<?xml version="1.0" encoding="utf-8"?>
<D:acl xmlns:D="DAV:">
	<D:ace>
		<D:principal><D:authenticated/></D:principal>
		<D:grant>
			<D:privilege>
				<D:read/>
			</D:privilege>
		</D:grant>
	</D:ace>
</D:acl>
But when I use a request like this to specify an individual principal, I get a "400 bad request" response, with nothing in the body to give me any more information.

Code:
<?xml version="1.0" encoding="utf-8"?>
<D:acl xmlns:D="DAV:">
	<D:ace>
		<D:principal>
<D:href>http://someserver.net/principals/users/student01</D:href>
               </D:principal>
		<D:grant>
			<D:privilege>
				<D:read/>
			</D:privilege>
		</D:grant>
	</D:ace>
</D:acl>
Any ideas? I'm guessing it's just the form of the href that I'm getting wrong.

thanks in advance,
Zach