diff --git a/lib/AccessCheck/App.pm b/lib/AccessCheck/App.pm
index 24e8f1d72b2311da927a95b29e2e2b15fdf3640c..8ea0dff64d09eee6ec20be4f04266ab93758bcbc 100644
--- a/lib/AccessCheck/App.pm
+++ b/lib/AccessCheck/App.pm
@@ -12,8 +12,6 @@ use constant {
     ACCESSCHECK_VERSION => '1.2.0'
 };
 
-has 'db';
-
 sub startup {
     my $self = shift;
 
@@ -61,13 +59,6 @@ sub startup {
         options  => [ $self->string_to_list($config->{database}->{options}) ]
     );
 
-    try {
-        $self->db(AccessCheck::Data::DB->new());
-    } catch ($error) {
-        $self->log()->fatal("unable to access database, aborting");
-        return;
-    }
-
     my $theme = $config->{setup}->{templates_theme} || 'default';
     my $base_templates_dir  = $self->home()->child('templates');
 
@@ -90,7 +81,6 @@ sub startup {
         },
     );
 
-
     my $routes = $self->routes();
 
     $routes->get('/')->to(controller => 'home', action => 'run')->name('home');
@@ -101,7 +91,6 @@ sub startup {
     $routes->get('/step4')->to(controller => 'step4', action => 'run')->name('step4');
     $routes->get('/step5')->to(controller => 'step5', action => 'run')->name('step5');
 
-
 }
 
 1;
diff --git a/lib/AccessCheck/App/Controller.pm b/lib/AccessCheck/App/Controller.pm
index 0ee9820ce1caff382a61a459295728bd3483f4b4..755dc5c1759b7ab07ad1f2210a1e9118a91fa47f 100644
--- a/lib/AccessCheck/App/Controller.pm
+++ b/lib/AccessCheck/App/Controller.pm
@@ -5,6 +5,7 @@ use Mojo::Base qw(Mojolicious::Controller);
 use English qw(-no_match_vars);
 use Syntax::Keyword::Try;
 
+use AccessCheck::Data::DB;
 use AccessCheck::Data::Entity;
 use AccessCheck::Data::Token;
 use AccessCheck::L10N;
@@ -64,6 +65,16 @@ sub init_user {
     return $user;
 }
 
+sub init_db {
+    my $self = shift;
+
+    my $db = AccessCheck::Data::DB->new();
+
+    $self->stash(db => $db);
+
+    return $db;
+}
+
 sub check_authentication {
     my $self = shift;
 
@@ -80,7 +91,7 @@ sub check_token {
     my ($self, %args) = @_;
 
     my $secret = $args{token};
-    my $db = $self->app()->db();
+    my $db     = $self->stash('db');
 
     my $token = AccessCheck::Data::Token->new(
         db     => $db,
@@ -115,6 +126,7 @@ sub get_sp {
     my ($self, %args) = @_;
 
     my $entityid = $args{entityid};
+    my $db       = $self->stash('db');
 
     return $self->abort(
         log_message  => "Missing parameter: entityid",
@@ -126,7 +138,6 @@ sub get_sp {
         user_message => "invalid_entityid"
     ) if $entityid !~ $AccessCheck::Regexp::entityid;
 
-    my $db = $self->app()->db();
 
     my $sp = AccessCheck::Data::Entity->new(
         db       => $db,
@@ -147,8 +158,8 @@ sub abort {
 
     my $status = $args{status} || 200;
     my $format = $args{format} || 'html';
+    my $db     = $self->stash('db');
 
-    my $db = $self->app()->db();
     $db->rollback() if $db && $db->in_transaction();
 
     $self->app()->log()->error($args{log_message}) if $args{log_message};
diff --git a/lib/AccessCheck/App/Step1.pm b/lib/AccessCheck/App/Step1.pm
index 349fabdd1e546bac05b147844743eb1159dd7df3..1ce567e5d8457226a2e0ede1e79c350a109b9cbf 100644
--- a/lib/AccessCheck/App/Step1.pm
+++ b/lib/AccessCheck/App/Step1.pm
@@ -13,16 +13,17 @@ sub run {
     my $app    = $self->app();
     my $config = $app->config();
     my $log    = $app->log();
-    my $db     = $app->db();
 
     $self->init_l10n();
     $self->init_user();
+    $self->init_db();
 
     if ($config->{app}->{login_url}) {
         return if !$self->check_authentication();
     }
 
     my $user = $self->stash('user');
+    my $db   = $self->stash('db');
 
     my $sps = AccessCheck::Data::Entity->get_entities(
         db    => $db,
diff --git a/lib/AccessCheck/App/Step2.pm b/lib/AccessCheck/App/Step2.pm
index 69daf89c669318454978d536147477acae060ea4..ccaff3717337fa5749adde227faa3a8920a3215b 100644
--- a/lib/AccessCheck/App/Step2.pm
+++ b/lib/AccessCheck/App/Step2.pm
@@ -14,6 +14,7 @@ sub run {
 
     $self->init_l10n();
     $self->init_user();
+    $self->init_db();
 
     if ($config->{app}->{login_url}) {
         return if !$self->check_authentication();
diff --git a/lib/AccessCheck/App/Step3.pm b/lib/AccessCheck/App/Step3.pm
index decf63befc8bba7865d5f3470495ba3eca581082..cf6a6b910844a43aa6ef222a573717d02654a74b 100644
--- a/lib/AccessCheck/App/Step3.pm
+++ b/lib/AccessCheck/App/Step3.pm
@@ -19,10 +19,10 @@ sub run {
     my $app    = $self->app();
     my $config = $app->config();
     my $log    = $app->log();
-    my $db     = $app->db();
 
     $self->init_l10n();
     $self->init_user();
+    $self->init_db();
 
     if ($config->{app}->{login_url}) {
         return if !$self->check_authentication();
@@ -32,6 +32,7 @@ sub run {
     my $email    = $self->param('email');
     my $l10n     = $self->stash('l10n');
     my $user     = $self->stash('user');
+    my $db       = $self->stash('db');
 
     my $sp = $self->get_sp(entityid => $entityid);
     return if !$sp;
diff --git a/lib/AccessCheck/App/Step4.pm b/lib/AccessCheck/App/Step4.pm
index 4e793cce0824170d888eb3fa9a0bac97112877c9..35c825f2d83af8c6b275f2c4e97a55ca7b8ba2be 100644
--- a/lib/AccessCheck/App/Step4.pm
+++ b/lib/AccessCheck/App/Step4.pm
@@ -19,10 +19,10 @@ sub run {
     my $app    = $self->app();
     my $config = $app->config();
     my $log    = $app->log();
-    my $db     = $app->db();
 
     $self->init_l10n();
     $self->init_user();
+    $self->init_db();
 
     if ($config->{app}->{login_url}) {
         return if !$self->check_authentication();
@@ -34,6 +34,7 @@ sub run {
     my $validity = $self->param('validity');
     my $profiles = $self->every_param('profiles');
     my $l10n     = $self->stash('l10n');
+    my $db       = $self->stash('db');
 
     my $sp = $self->get_sp(entityid => $entityid);
     return if !$sp;
diff --git a/lib/AccessCheck/App/Step5.pm b/lib/AccessCheck/App/Step5.pm
index af2444ce6e453d1c6d2758cff11b1b2c96ec2009..5ececfd0862e8e22e8a76e2041689f35e0769374 100644
--- a/lib/AccessCheck/App/Step5.pm
+++ b/lib/AccessCheck/App/Step5.pm
@@ -18,10 +18,10 @@ sub run {
     my $app    = $self->app();
     my $config = $app->config();
     my $log    = $app->log();
-    my $db     = $app->db();
 
     $self->init_l10n();
     $self->init_user();
+    $self->init_db();
 
     if ($config->{app}->{login_url}) {
         return if !$self->check_authentication();
@@ -30,6 +30,7 @@ sub run {
     my $entityid = $self->param('entityid');
     my $token    = $self->param('token');
     my $key      = $self->param('key');
+    my $db       = $self->stash('db');
 
     return if !$self->check_token(token => $token, entityid => $entityid);