Sounds like you want John Doe to automatically sign in to the site he is being redirected to without being challenged for his user credentials again.
To do this securely you need a Single Sign-on solution, these can be expensive and require a certain level of configuration on the server, though there are free ones availble OpenSSO I believe is one., they effectively allow a user's credentials to be propogated to other websites securely, though both sites need to be programmed to use this method.
Assuming that both sites have their own authentication process your code would have to automatically sign him in, to do this it needs his user credentials (i.e. username and password), this is not stuff you want to pass around via the URL. for security reasons.
I have worked on quite a few systems where a security audit was performed, and believe me that approach would not have produced a very good security rating.