  1. JGroups
  2. JGRP-1487

AUTH: X509Token Authentication is vulnerable to replay attacks


    • Bug
    • Resolution: Done
    • Major
    • 3.5
    • 3.0.9
    • None

      In the implementation of X509Token Authentication, the auth_value is
      encrypted with the certificate within the keystore, and during
      verification the encrypted auth value is decrypted with the private key
      and compared against the original auth value.

      This implementation is prone to replay attacks; that is, any user
      without any knowledge of the auth value can join the group by replaying
      the encrypted auth value captured in earlier sessions.

            ttarrant@redhat.com Tristan Tarrant
            sreenivas.chinimilli sreenivas chinimilli (Inactive)
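
The replay described in this report, as an added Java example (not JGroups code and not the project's fix): a token that is only the encrypted auth value verifies every time it is presented, while a token bound to a verifier-issued nonce does not. The generated key pair, the auth value, the OAEP padding choice and the `verifyFresh` check are assumptions made for illustration.

```java
import javax.crypto.Cipher;
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Arrays;

public class ReplayDemo {
    static final String RSA = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    // Constructed sample secret standing in for the configured auth value.
    static final byte[] AUTH_VALUE = "constructed-auth-value".getBytes(StandardCharsets.UTF_8);

    static byte[] rsa(int mode, Key key, byte[] in) throws GeneralSecurityException {
        Cipher c = Cipher.getInstance(RSA);
        c.init(mode, key);
        return c.doFinal(in);
    }

    // Scheme from the report: decrypt the token and compare with the auth value.
    static boolean verifyStatic(PrivateKey priv, byte[] token) throws GeneralSecurityException {
        return MessageDigest.isEqual(rsa(Cipher.DECRYPT_MODE, priv, token), AUTH_VALUE);
    }

    // Hypothetical freshness check: the token must carry the nonce issued for this join.
    static boolean verifyFresh(PrivateKey priv, byte[] token, byte[] issuedNonce)
            throws GeneralSecurityException {
        byte[] plain = rsa(Cipher.DECRYPT_MODE, priv, token);
        return MessageDigest.isEqual(plain, concat(issuedNonce, AUTH_VALUE));
    }

    static byte[] concat(byte[] a, byte[] b) {
        byte[] out = Arrays.copyOf(a, a.length + b.length);
        System.arraycopy(b, 0, out, a.length, b.length);
        return out;
    }

    static byte[] nonce() { byte[] n = new byte[16]; new SecureRandom().nextBytes(n); return n; }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair kp = gen.generateKeyPair(); // constructed stand-in for the keystore entry

        byte[] captured = rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), AUTH_VALUE);
        System.out.println("static, first use:     " + verifyStatic(kp.getPrivate(), captured));
        System.out.println("static, replayed:      " + verifyStatic(kp.getPrivate(), captured));

        byte[] n1 = nonce(); // verifier issues a nonce per join request
        byte[] token = rsa(Cipher.ENCRYPT_MODE, kp.getPublic(), concat(n1, AUTH_VALUE));
        System.out.println("fresh, matching nonce: " + verifyFresh(kp.getPrivate(), token, n1));
        System.out.println("fresh, replayed token: " + verifyFresh(kp.getPrivate(), token, nonce()));
    }
}
```

Randomized padding makes each ciphertext look different, but it does not stop an old ciphertext from decrypting to the same auth value, which is why the static check accepts the replay.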